Been messing around with OpenVPN today since I had some time and it’s a little frustrating. There’s some tutorials out there, but they’re all pretty terse… most of the stuff it’s almost assumed that you already know. Anyways, used the church I go to since I have access to one of the servers there and set it up as an OpenVPN server with the appropriate forwarding via the firewall (a linksys “box”). Then set my firewall for my LAN as the OpenVPN client. Connection established, works great. Can ping the server from the client; however despite following some tutorials with shorewall/OpenVPN integration, I could only get the firewall itself to ping the remote server. None of the clients systems would (which makes it a little silly since the idea is to have always-on access from any machine on my network).
Anyways, installed this software called Tunnelblick for OS X to stick on my laptop and see if I could get one client to talk. Works well enough, but Tunnelblick comes with absolutely no documentation. It’s a free GUI to OpenVPN so I suppose I shouldn’t complain too much.
So I could mount a samba share on my laptop from the server in the church. Mission accomplished, for the most part (although trying to get any of these guys at the church to setup Tunnelblick would probably result in my getting kicked out of the church). One thing I had wanted to do was to access the firewall’s web interface, but was unable to… for some reason I can ping the server, but not the firewall. Maybe the VPN connection makes the connection between the two machines only, instead of allowing me to access any resource from here (useful for samba, I guess, but at that point I’d rather just use SFTP and drop OpenVPN altogether since the idea is to allow remote access of files for the staff). However, I did follow a tutorial on making one LAN access another LAN… not sure why it’s not working.
Anyways, then I whipped out my absolute favourite tool to solve the job… a quick ssh tunnel and I was able to access the remote firewall’s web interface from the inside. Gotta love ssh port forwarding.
Hopefully tomorrow I can get the whole LAN<->LAN thing working. Need to find some different (better?) tutorials I guess. Anyone have any good suggestions?