Hello all, I am confused about our openvpn connection.
One of our worker who is working from home is using shared folder on ibay to save CAD docs that complains it is very difficult to work on shared folder. Eventhough the file size is 35mb it takes so long to save documents over the vpn connection to shared ibay folder. I am trying to understand that;
is the connection is based on “routing all traffic over the openvpn” ? if yes how can I verify.
In this situation it is more efficent to use "ROUTING ALL TRAFFIC through OPENVPN or not ?
Hi Andy, when I check my settings i can see these settings.
I would ask you to give me help about;
connect this server public IP /host - what kind of IP should i insert there?
compression is OK LZO ? I think you have costomized LZ4
do i have to enable Allow client to client traffic ? (bcos i don’t have option - Route all client trffic through vpn)- I have bridge mode not routed mode.
I’d erase the OpenVPN configuration and recreate it as the more modern “routed” instead of “bridged”.
This gives you a few options more…
LZO4 generally works, but so does the older compression. The newer gives better rates, especially if using the suggested cipher / digest and SHA512 & GCM…
→ This alone can bring an almost 80% increase - or more in transfer speeds!
Dear Andy, I setup virtual network to realise the concept.
I want to know that our server green ip address is 192.168.100.0 /24. But routed vpn is 10.0.0.0. /24. Can i access webpage on another server which is 192.168.100.120?
Your NethServer is your default gateway, so all other servers / hosts will use that IP (NethServer LAN “Green” IP) to return any packets.
The complete vpn network (10.0.0.0/24)= should be entered in all NethServers “Trusted Networks” (If you have more than one NethServer).
I tend to use 10.99.X.0/24 as VPN network, where X is equal to the 3rd Octet of the LAN IP.
LAN: 192.168.100.0/24
VPN: 10.99.100.0/24
The 10.99 signifies for me a VPN, the third octet signifies which client network I’m connecting to…
The above is probably a Typo, as 192.168.100.0 /24 is NOT a valid IP adress for a host, it’s for a complete network. Probably you mean 192.168.100.1 /24.
Thanks for better explaination. I want to mention you that all the clients are connecting to vpn from home, not at the premises where the server is situated. it’ll not be a problema to access other resouces of the server side network ?
No, as said, all PCs, printers and other servers will use your NethServer as Gateway, so they should have no issues.
The only caveat (problem) can be when servers have an additional firewall protection, like NethServer has with it’s “Trusted Networks” feature. Here the system needs to know that the VPN network is “trusted” and access is OK.
I have trunsted networks like 192.168.100.0 automatically assigned. I think it will not be a problem as you explained.
I have a question about onething - I cannot use “speedtest.net” to check speed when i connect to openvpn. I have to find a solution also to that problem ?
This looks like a null-routed service, maybe for testing. The domain should not work from LAN or VPN, unless 192.168.100.5 is something special, like a Proxy…
Hello Andy, I have setup the routed VPN and found a good connection which uploads 600mb file within 2min from client to server. I am appriciating your big help for implement this in the correct way. See you next time.