Handing out the public IPs
With the topology subnet
feature that OpenVPN offers, it becomes feasible to hand out public IP addresses to connecting clients. For this recipe, we will show how such a setup can be realized. We will re-use a technique from the Proxy-ARP recipe from Chapter 2, Client-server IP-only Networks, to make the VPN clients appear as if they are a part of the remote network. If a dedicated IP address block is available for the VPN clients, then this is not required. The advantage of using the proxy-arp
method is that it allows us to use only part of an expensive public IP address block.
Getting ready
For this recipe, the server computer was running CentOS 6 Linux and OpenVPN 2.3.12. The client computer was running Windows 7 64 bit and OpenVPN 2.3.11. Keep the client configuration file, basic-udp-client.ovpn
, from the Using an ifconfig-pool block recipe from Chapter 2, Client-Server IP-Only Networks.
To test this recipe, a public IP address block...