This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
user_guide:openvpn_bridges [2016/09/27 04:15] admin [Our Setup] |
user_guide:openvpn_bridges [2020/08/12 13:37] (current) admin [The Hardware] |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== OpenVPN Bridges ====== | ====== OpenVPN Bridges ====== | ||
+ | {{ :user_guide:apdesk:openvpn_bridge.png?nolink |}} | ||
===== Introduction ===== | ===== Introduction ===== | ||
* We are very exited about a new feature which is now part of **MESHdesk** as well as **APdesk**. | * We are very exited about a new feature which is now part of **MESHdesk** as well as **APdesk**. | ||
Line 12: | Line 13: | ||
===== Our Setup ===== | ===== Our Setup ===== | ||
- | * For this document we will configure the following setup. | + | For this document we will configure the following setup. |
- | * One Ubuntu 14.04 server with two Ethernet cards and one public IP Address. | + | ==== The Hardware ==== |
+ | * One Ubuntu 18.04 server with two Ethernet cards and one public IP Address. | ||
* Eth1 will have the Public IP Address (198.27.111.78) | * Eth1 will have the Public IP Address (198.27.111.78) | ||
* Eth0 will be segmented using VLANs. | * Eth0 will be segmented using VLANs. | ||
- | * We will not need any VLAN capable switches. | + | * We will **not** need any VLAN capable switches. |
* Another server (can be the same) running the latest SVN of RADIUSdesk | * Another server (can be the same) running the latest SVN of RADIUSdesk | ||
* An Access Point with Internet access, running the latest build from SVN of the MESHdesk firmware. | * An Access Point with Internet access, running the latest build from SVN of the MESHdesk firmware. | ||
+ | |||
+ | <WRAP center round info 90%> | ||
+ | == Only one Ethernet port? == | ||
+ | * If your server has only one Ethernet port it is not a train smash! | ||
+ | * We offer an alternative which will use the **dummy** module to mimick a real Ethernet port. | ||
+ | </WRAP> | ||
+ | |||
+ | |||
+ | ==== Segmenting Using VLANs ==== | ||
+ | |||
* We will use VLANs configured on Eth0 as follows: | * We will use VLANs configured on Eth0 as follows: | ||
* VLAN 101 will have Address range 10.101.0.0/16. | * VLAN 101 will have Address range 10.101.0.0/16. | ||
Line 27: | Line 39: | ||
* br0.102 are bridged with eth0.102. | * br0.102 are bridged with eth0.102. | ||
* br0.103 are bridged with eth0.103. | * br0.103 are bridged with eth0.103. | ||
+ | |||
+ | ==== The VPNs ==== | ||
+ | |||
* The other side of the bridge is a VPN tunnel. | * The other side of the bridge is a VPN tunnel. | ||
* We will create three instances of OpenVPN in server mode. | * We will create three instances of OpenVPN in server mode. | ||
* Each of these instances will be bound to a common IP Address (198.27.111.78) but it will have a unique port to ensure uniqueness. | * Each of these instances will be bound to a common IP Address (198.27.111.78) but it will have a unique port to ensure uniqueness. | ||
+ | |||
+ | ==== The Captive Portals ==== | ||
+ | |||
* Each of the bridges will have a Coova Chilli captive portal running. | * Each of the bridges will have a Coova Chilli captive portal running. | ||
* The IP Address range of each of these Coova Chilli instances will be such that it can provide enough IP Addresses but also in such a manner that the OpenVPN server will be able to provide up to 100 Clients with IP Addresses and the RADIUSdesk server should provide another 100 Clients with IP Addresses without a conflict. | * The IP Address range of each of these Coova Chilli instances will be such that it can provide enough IP Addresses but also in such a manner that the OpenVPN server will be able to provide up to 100 Clients with IP Addresses and the RADIUSdesk server should provide another 100 Clients with IP Addresses without a conflict. | ||
Line 40: | Line 58: | ||
* [[user_guide:openvpn_bridges_prep_openvpn|Install and configure OpenVPN]] | * [[user_guide:openvpn_bridges_prep_openvpn|Install and configure OpenVPN]] | ||
* [[user_guide:openvpn_bridges_prep_coova|Install and configure CoovaChilli]] | * [[user_guide:openvpn_bridges_prep_coova|Install and configure CoovaChilli]] | ||
- | * Configure RADIUSdesk | + | * [[user_guide:openvpn_bridges_prep_radiusdesk|Configure RADIUSdesk, MESHdesk and APdesk]] |
- | * Configure MESHdesk | + | |
- | * Configure APdesk | + | |
------------------------- | ------------------------- |