Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

openVPN, each client an own IP
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

openVPN, each client an own IP

webcraftwebcraft Member
in Help

Hello,
I created an openvpn server, so far so good but I wanna give each client it's own ip (dedicated IP). How do I do so (I have several single IPs)?
I don't really have an idea except creating a new vServer with the corresponding IP and install opwnvpn there.

Comments

  • SpiritSpirit Member
    edited December 2014

    You can run multiple OpenVPN instances under one installation. What I usually do in OpenVZ VPS box for my personal needs is to create different openvpn.conf files (ie. openvpn1.conf openvpn2.conf) with different port and network subnet to netmask in each.

    ie. nano /etc/openvpn/openvpn1.conf
    port 1194
    server 10.6.0.0 255.255.255.0

    and another /etc/openvpn/openvpn2.conf with...

    port 1195
    server 10.7.0.0 255.255.255.0

    (all other lines should stay the same - this above isn't complete conf file, just example of lines which needs to be different in each instance you run)

    Setup iptables (lets say that I want to use 176.xxx.xxx.xx1 and 176.xxx.xxx.xx2 IPs with my two OpenVPN instances).

    ie.
    chmod 755 /etc/rc.local
    nano /etc/rc.local

    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A POSTROUTING -s 10.6.0.0/24 -j SNAT --to 176.xxx.xxx.xx1
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A POSTROUTING -s 10.7.0.0/24 -j SNAT --to 176.xxx.xxx.xx2

    And then specify those different ports also in user .ovpn conf file

    ie. user1.ovpn with:
    remote 176.xxx.xxx.xx1 1194

    user2.ovpn with:
    remote 176.xxx.xxx.xx1 1195

    That's not optimal solution if you plan to resell service, but you will get brief idea.

    Thanked by 34n0nx deadbeef webcraft
  • cosmicgatecosmicgate Member

    Use the ccd options in openvpn and then snat to dedicated ip.

    Problem solved.

  • webcraftwebcraft Member

    @cosmicgate said:
    Use the ccd options in openvpn and then snat to dedicated ip.

    Problem solved.

    How to do so? I don't really get it out of the howto.html.
    Reply #1 is working very well. ;) thanks

  • Wira_SoenaryoWira_Soenaryo Member

    Wanna know this solution too.. :)

  • webcraftwebcraft Member

    None can explain? Google's not really helpful this time.

  • bf1bf1 Member
    edited January 2015

    ccd = client config dir

    client-config-dir -- This directive sets a client configuration directory, which the OpenVPN server will scan on every incoming connection, searching for a client-specific configuration file (see the the manual page for more information). Files in this directory can be updated on-the-fly, without restarting the server. Note that changes in this directory will only take effect for new connections, not existing connections. If you would like a client-specific configuration file change to take immediate effect on a currently connected client (or one which has disconnected, but where the server has not timed-out its instance object), kill the client instance object by using the management interface (described below). This will cause the client to reconnect and use the new client-config-dir file.

    This shows how to add specific IP to a client:

    http://michlstechblog.info/blog/openvpn-set-a-static-ip-address-for-a-client/

    Then it's all about SNAT source->destination like mentioned above.

    Thanked by 1webcraft
Sign In or Register to comment.