Tag Archives: openvpn

Open VPN for the Road Warrior


I have updated the post on 05-DEC-2013 to be relevant for openvpn-2.2.2-9.5.1.x86_64 on OpenSuSE 12.3. Instead of Xen I switched to KVM as it was easier to implement. I left the by now outdated versions of the Oracle software as they were, they don’t matter. The Xen “virtual machine” is called domU, KVM calls them VM which sounds more familiar. So simply substitute VM for domU :) Note that I’m NOT using libvirt to manage the networks, otherwise the configuration would be different. The network configuration relies entirely on the bridges provided by Linux and set up in YAST2


As a consultant it is important to have a test lab, something which is your own, where you can play with new versions and concepts to your heart’s delight without disturbing anyone else. Or worse, causing problems for the customer. For this reason I like to have an Internet facing machine which I can connect to from anywhere. In case the corporate network doesn’t let you out, consider getting mobile broadband on a PAYG basis-it works a dream!

I have blogged about my system a number of times, with special emphasis on RHEL 5.x and 6.x. Unlike many other Oracle scientists I do not use Virtual Box or VMWare for virtualisation, but rather Xen. When I started looking at para-virtualisation I looked at Oracle VM but at the time it was lacking features I wanted such as iSCSI provided storage. OpenSuSE is a great distribution which offers a dom0 kernel out of the box, and this is what I went for. My lab can support a four node cluster plus two Grid Control domUs, which is more than enough for me to work with. And although it’s busy, it doesn’t make working with the machine impossible.

For a long time I was very happy with my machine, and SSH access was all I needed. But when moving to Vista/Windows 7 a problem became apparent: I could no longer use port-forwarding to access my samba server on my backup domU. Microsoft added some other software to listen on the required port so I started looking at OpenVPN as a solution. This article assumes that you are familiar with OpenVPN-if you are not then you might want to have a look at the documentation. The howto is a a great starting point:


Continue reading