Koozali.org: home of the SME Server

Obsolete Releases => SME 7.x Contribs => Topic started by: achandra on February 25, 2006, 09:20:20 AM

Title: SME 7 and some q's about Swerts-Knudsen OPENVPN
Post by: achandra on February 25, 2006, 09:20:20 AM: Okay.. I got through the install just fine and instructions were very clear for the Swerts-Knudsen vpn how to .

But I was a little confused in two parts -

1) It asks to use the open port feature..If I use the port forwarding port and leave the destination port with * does that do the same thing. Also noticed the panel is unde "unknown" rather than security. Im not complaining just wondering about how this functions. (Opening up port 1194 UDP)

2) As for the panels themselves there is a section when addind users that says allow user to VPN in or not. I tried with some accounts that say no. These ones were able to authenticate as well so Im not sure if its a bug or not. But I searched around on contribs.org and couldnt find a reference to this.

As a note - I did do the vpn part of it as a test to see if I could connect at all from the internal lan so Im not sure if it blocks users that Ive set to no if I VPN in from the outside. Can someone verify this??
Title: SME 7 and some q's about Swerts-Knudsen OPENVPN
Post by: gregswallow on February 25, 2006, 09:22:53 AM: Openvpn is a contrib - Moving this to the SME7 Contribs category.
Title: sure is
Post by: achandra on February 25, 2006, 09:30:46 AM: THNX 8-)
Title: SME 7 and some q's about Swerts-Knudsen OPENVPN
Post by: crazybob on February 26, 2006, 03:26:25 AM: Take a look at http://sme.firewall-services.com/HowtoOpenVPNSME7.pdf

It is for bridging mode, but if you look about half way down there is a section on opening the port
Title: Yup thats what I used
Post by: achandra on February 26, 2006, 08:58:31 AM: Hi,

Yep..Thats what I used. The questions I have ask about that very article...In essence why use the open port when Portforwarding pane is built in to SME 7. Does portwarding with * as the destination do the same thing as open port?
Title: Re: Yup thats what I used
Post by: CharlieBrady on February 26, 2006, 10:47:06 PM: Quote from: "achandra"
Hi,

Yep..Thats what I used. The questions I have ask about that very article...In essence why use the open port when Portforwarding pane is built in to SME 7. Does portwarding with * as the destination do the same thing as open port?

No, it doesn't.

You are correct though, that there is no need to use the "port opening"contrib, which has always been deprecated. The port will be open if you follow this part of the advice in the howto:

config set openvpn service status enabled access public UDPPort 1194
signal-event remoteaccess-update