Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OpenvPN: improve net2net tunnels #5313

Closed
gsanchietti opened this Issue Jun 9, 2017 · 5 comments

Comments

2 participants
@gsanchietti
Copy link
Member

commented Jun 9, 2017

Improve current implementation of OpenVPN tunnel.

The administrator should be able to:

  • create an unlimited number of tunnels each one with different configuration options (routes, psk, etc)
  • select multiple wan for connections when configuring OpenVPN clients
  • easily transfer configuration from tunnel server to tunnel client

See also: http://community.nethserver.org/t/feedback-on-new-openvpn-tunnels/7199

@gsanchietti gsanchietti added this to the v7 milestone Jun 9, 2017

@gsanchietti

This comment has been minimized.

Copy link
Member Author

commented Jun 9, 2017

OpenVPN page has been split in two pages:

  • OpenVPN roadwarrior
  • OpenVPN tunnels

@gsanchietti gsanchietti added this to ⚙ Developing in NethServer 7 Jun 12, 2017

@gsanchietti gsanchietti self-assigned this Jun 12, 2017

gsanchietti added a commit to NethServer/nethserver-openvpn that referenced this issue Jun 26, 2017

gsanchietti added a commit to NethServer/nethserver-openvpn that referenced this issue Jun 28, 2017

@gsanchietti

This comment has been minimized.

Copy link
Member Author

commented Jun 28, 2017

In nethserver-testing:

  • nethserver-openvpn-1.5.1-1.21.gbf57f47.ns7.noarch.rpm
  • nethserver-openvpn-1.5.1-1.22.g6e210dc.ns7.noarch.rpm

Test case 1
This is the most important test case since we should not break existing installations

  • Update an existing machine with an OpenVPN client already configured
  • Check the client can still connect after the update
  • Try to change something from the web interface
  • Check the client can still connect after changes

Test case 2

  • On the master firewall, create a tunnel server with p2p topology
  • Download the configuration file and upload to the slave firewall
  • Check that connected remote networks can ping each other

Test case 3

  • On the master firewall, create a tunnel server with subnet topology
  • Download the configuration file and upload to the slave firewall
  • Check that connected remote networks can ping each other

Test case 4

  • Try to change any server option (cipher, protocol, compression, etc)
  • Manually configure a client and check everything is working as exptected
@gsanchietti

This comment has been minimized.

Copy link
Member Author

commented Jun 29, 2017

Changes:

  • UI tweaks
  • fix client template
  • fix firewall configuration for server

In nethserver-testing:
nethserver-openvpn-1.5.1-1.26.g70da8d6.ns7.noarch.rpm

@DavidePrincipi

This comment has been minimized.

Copy link
Member

commented Jun 29, 2017

VERIFIED

Tested all 4 cases work for me. My testing environment is built on dply.co VPS provider, provisioned with this script:

https://gist.github.com/DavidePrincipi/5907bf4bc122e44c842ec46f66958829

@DavidePrincipi DavidePrincipi removed their assignment Jun 29, 2017

@gsanchietti gsanchietti added verified and removed testing labels Jun 30, 2017

@gsanchietti

This comment has been minimized.

Copy link
Member Author

commented Jun 30, 2017

Released:
nethserver-openvpn-1.6.0-1.ns7.noarch.rpm

Adminsitrator and developer manual already up to date.

@DavidePrincipi DavidePrincipi moved this from ⚙ Developing to 🗑 Done in NethServer 7 Jun 30, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.