How to setup internal routing.

This forum contains frequently asked questions for our services.

How to setup internal routing.

Postby admin » Sun Apr 12, 2009 9:00 pm

Used systems:
  • Linux (Ubuntu)
  • Windows XP SP2
Topology:
Code: Select all
 Internet (PRQ Tunnel) <------ OpenVPN Client (Gateway) <------ Internal clients
-------------------------------------------------------------------------------------
Network (Tunnel IPs)           x.x.x.x                          y.y.y.y
Network 
(Internal IPs)         192.168.1.1                      192.168.1.2

1. Setup the tunnel so that it works on the Gateway computer.

2. Setup a internal network (for example ETH0:1 on Linux, or under the Advanced tab in the TCP/IP settings on Windows XP)

3. Setup the client computer with one of the other tunnel IPs that you received when you ordered your tunnel service.
    NOTE! Windows cannot handle a /32 (255.255.255.255) host netmask, so you have to use a /30 (255.255.255.252) netmask.
    As default gateway you specify the Gateway computers tunnel IP (x.x.x.x).
4. Setup a internal network (for example ETH0:1 on Linux, or under the Advanced tab in the TCP/IP settings on Windows XP)

5. On the Gateway computer you add a route to the client.
    For example:
    Linux: route add -host y.y.y.y/32 gw 192.168.1.2
    Windows: route add y.y.y.y mask 255.255.255.255 192.168.1.2

That's it.
Do this for each internal client.

Important notice:
On Windows XP you have to enable IP forwarding (see http://support.microsoft.com/kb/315236), you have to reboot the computer when this is done.
On Linux make sure that IP forwarding is enabled (see http://www.ducea.com/2006/08/01/how-to- ... -in-linux/) you do not need to reboot a Linux box :).

With this you should have a basic idea how to setup internal routing.
The procedure is the same on all OSes, the only thing that can be different is the syntaxfor the routing and how you setup secondary IPs.

NOTE: This is not a PRQ supported solution, i.e if you have problems with setting this up, we cannot help you. PRQ only support it on one computer per tunnel service. You are allowed to setup the solution above, but PRQ will not help you in case of a problem with the above solution. This guide is just setup to give you a overview of how to set it up.
admin
Site Admin
 
Posts: 11
Joined: Mon Mar 02, 2009 10:41 pm

Return to FAQ and support

Who is online

Users browsing this forum: No registered users and 1 guest