RADIUSdesk

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
user_guide:openvpn_bridges [2016/09/26 01:52]
admin created
user_guide:openvpn_bridges [2020/08/12 13:37] (current)
admin [The Hardware]
Line 1: Line 1:
 ====== OpenVPN Bridges ====== ====== OpenVPN Bridges ======
 +{{ :​user_guide:​apdesk:​openvpn_bridge.png?​nolink |}}
 ===== Introduction ===== ===== Introduction =====
   * We are very exited about a new feature which is now part of  **MESHdesk** as well as **APdesk**.   * We are very exited about a new feature which is now part of  **MESHdesk** as well as **APdesk**.
Line 11: Line 12:
 ------------------- ​ ------------------- ​
  
- ===== Setup Overview ​=====+===== Our Setup ===== 
 +For this document we will configure the following setup. 
 +==== The Hardware ==== 
 +    * One Ubuntu 18.04 server with two Ethernet cards and one public IP Address. 
 +      * Eth1 will have the Public IP Address (198.27.111.78) 
 +      * Eth0 will be segmented using VLANs. 
 +      * We will **not** need any VLAN capable switches. 
 +    * Another server (can be the same) running the latest SVN of RADIUSdesk 
 +    * An Access Point with Internet access, running the latest build from SVN of the MESHdesk firmware. 
 + 
 +<WRAP center round info 90%> 
 +== Only one Ethernet port? == 
 +  * If your server has only one Ethernet port it is not a train smash! 
 +  * We offer an alternative which will use the **dummy** module to mimick a real Ethernet port. 
 +</​WRAP>​ 
 + 
 + 
 +==== Segmenting Using VLANs ==== 
 + 
 +  * We will use VLANs configured on Eth0 as follows: 
 +    * VLAN 101 will have Address range 10.101.0.0/​16. 
 +    * VLAN 102 will have Address range 10.102.0.0/​16. 
 +    * VLAN 103 will have Address range 10.103.0.0/​16. 
 +  * These VLANs will each be bridged on the one side with a VLAN on eth0. 
 +    * br0.101 are bridged with eth0.101. 
 +    * br0.102 are bridged with eth0.102. 
 +    * br0.103 are bridged with eth0.103. 
 + 
 +==== The VPNs ==== 
 + 
 +  * The other side of the bridge is a VPN tunnel.  
 +    * We will create three instances of OpenVPN in server mode. 
 +    * Each of these instances will be bound to a common IP Address (198.27.111.78) but it will have a unique port to ensure uniqueness. 
 + 
 +==== The Captive Portals ==== 
 + 
 +    * Each of the bridges will have a Coova Chilli captive portal running.  
 +      * The IP Address range of each of these Coova Chilli instances will be such that it can provide enough IP Addresses but also in such a manner that the OpenVPN server will be able to provide up to 100 Clients with IP Addresses and the RADIUSdesk server should provide another 100 Clients with IP Addresses without a conflict. 
 +      * The IP Address range should also reflect that which was assigned to the VLAN. 
 + 
 +----------------------------------------- 
 + 
 + ===== Steps Involved ===== 
 +  * [[user_guide:​openvpn_bridges_prep_os|Prepare the hardware and OS]] 
 +  * [[user_guide:​openvpn_bridges_prep_openvpn|Install and configure OpenVPN]]  
 +  * [[user_guide:​openvpn_bridges_prep_coova|Install and configure CoovaChilli]] 
 +  * [[user_guide:​openvpn_bridges_prep_radiusdesk|Configure RADIUSdesk, MESHdesk and APdesk]] 
 + 
 + 
 +------------------------- 
  
-