So your network A was something like say 192.168.10.0/24 and your network B was something like 192.168.20.0/24 - and your VPN subnet on A was something like 192.168.11.0/24? And you advertised network A (for example 192.168.10.0/24) to the VPN subnet (for example 192.168.11.0/24)? And you didn't have to set any special firewall rules to allow traffic from the A network to the VPN subnet or the VPN subnet to the A network? Or from the B network to the A network? Or from the A network to the B network?

If so - the only main difference I see is that I am using 0.11.2 stable - instead of 0.11.9. I'll give 0.11.9 a try tomorrow.

Thanks,
Eric

Eric Baenen
[EMAIL PROTECTED]
www.baenen.com
www.washingtoncreek.com

> Hi,
>
> > I was just wondering if anyone is actively using site to site VPNs with
> > eBox systems at both ends for the firewall/routers? If you have this
> > working could you please share your configuration and anything special you
> > did to get it working?
>
> I've just tested this with two eBox running 0.11.9 and it worked fine.
>
> Let's do a quick review of the steps I followed to see if there's any
> discrepancy:
>
> eBox A:
> - You will need to initialise your Certificate Authority and create
>   certificates for your server and client
> - You will need an openVPN server
> - Tick "allow eBox-to-eBox tunnels" in its configuration
> - Make sure the openVPN server is active and the general openVPN service is
>   enabled
> - Download a client bundle clicking on the down-arrow in the main openVPN
>   page (Actions column). Select Linux.
> - Save changes and you will be done with eBox A
>
> eBox B:
> - Uncompress the bundle file you have downloaded from eBox A in your desktop
>   machine as you will need to upload some files.
> - Go to openVPN, create a new client
> - Set a client name
> - Active the openVPN
> - Set the public IP of eBox A and its port (make sure you have set
>   the proper redirections in your external router to reach eBox from the
>   Internet)
> - Upload the file cacert.pem which was within the bundle to CA's certificate
> - Upload the file xxxx.pem where xxx is the name of the certificate assigned
>   by you to Client's certificate
> - Upload the file xxx.pem where xxx are hex numbers to Client's private key
> - Click on create
> - Make sure the general openVPN service is enabled
> - Save changes
>
> Some notes:
>
> Pay attention to the IPs used in both networks, they can't clash, so pick
> different networks.

_______________________________________________
Ebox-user mailing list
[email protected]
https://lists.warp.es/mailman/listinfo/ebox-user
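
The requirement in the quoted notes that the networks at both ends must not clash can be checked before the tunnel is built. The Python sketch below is an added example, not part of the original messages and not eBox code; the plan names are hypothetical, `EXAMPLE_PLAN` reuses the example addresses from the message above, and `CLASHING_PLAN` is constructed.

```python
import ipaddress
from itertools import combinations

# Example addresses taken from the message above (LAN A, LAN B, VPN subnet).
EXAMPLE_PLAN = {
    "lan_a": "192.168.10.0/24",
    "lan_b": "192.168.20.0/24",
    "vpn": "192.168.11.0/24",
}

# Constructed plan: both sites use the same LAN, and the VPN range
# is a /16 that contains both of them.
CLASHING_PLAN = {
    "lan_a": "192.168.1.0/24",
    "lan_b": "192.168.1.0/24",
    "vpn": "192.168.0.0/16",
}


def find_clashes(plan):
    """Return sorted (name, name) pairs whose address ranges overlap.

    Values may be network addresses or interface addresses with a
    prefix (e.g. 192.168.10.1/24); host bits are masked off.
    """
    nets = {
        name: ipaddress.ip_network(cidr, strict=False)
        for name, cidr in plan.items()
    }
    clashes = []
    for (name_a, net_a), (name_b, net_b) in combinations(sorted(nets.items()), 2):
        # overlaps() is true for identical ranges and for containment
        # (a /16 that swallows a /24), both of which break routing
        # between the two sites.
        if net_a.overlaps(net_b):
            clashes.append((name_a, name_b))
    return clashes


if __name__ == "__main__":
    for label, plan in (("example", EXAMPLE_PLAN), ("clashing", CLASHING_PLAN)):
        clashes = find_clashes(plan)
        if clashes:
            for a, b in clashes:
                print(f"{label}: {a} ({plan[a]}) overlaps {b} ({plan[b]})")
        else:
            print(f"{label}: no overlapping networks")
```
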
