Open thejustsoul opened 5 years ago
Main server (on Windows 8.1 who also acts as a client)
have config:
[tap_adapter]
ipv4_address_prefix_length=9.0.0.1/24
ipv6_address_prefix_length=2aa1::1/8
dhcp_proxy_enabled=yes
dhcp_server_ipv4_address_prefix_length=9.0.0.0/24
dhcp_server_ipv6_address_prefix_length=2aa1::/8
[security]
passphrase=secret
Now for clients such config:
Client1
[fscp]
contact=main_server_ip:12000
[tap_adapter]
ipv4_address_prefix_length=9.0.0.2/24
ipv6_address_prefix_length=2aa1::2/8
[security]
passphrase=secret
Client2
[fscp]
contact=main_server_ip:12000
[tap_adapter]
ipv4_address_prefix_length=9.0.0.3/24
ipv6_address_prefix_length=2aa1::3/8
[security]
passphrase=secret
Client3
[fscp]
contact=main_server_ip:12000
[tap_adapter]
ipv4_address_prefix_length=9.0.0.4/24
ipv6_address_prefix_length=2aa1::4/8
[security]
passphrase=secret
Is that right? Or something superfluous or something is missing? Not satisfied that the IP-addresses are written manually, and not issued by the server. Is the transmitted data encrypted? Help please.
you need dynamic contacts to work as real local network
you need dynamic contacts to work as real local network
can you show me an example of how to do?
for Dynamic contact you need certificate based authentication I use XCA to generate certificates. it has GUI, really simple and fast
can you show me an example of how to do?
I've described it right here
https://github.com/freelan-developers/freelan/issues/206#issuecomment-575145130
also here is my working config freelan.txt
don't forget: we have a bug #225. you need to restart freelan instance on your main server every 20 munutes so the NAT port will stop stacking
@richman1000000 I can ping PC1 with SERVER and PC2 with SERVER, but cant ping PC1 with PC2
SERVER:
[tap_adapter]
ipv4_address_prefix_length=9.0.0.1/24
ipv6_address_prefix_length=2aa1::1/8
dhcp_proxy_enabled=yes
dhcp_server_ipv4_address_prefix_length=9.0.0.0/24
dhcp_server_ipv6_address_prefix_length=2aa1::/8
ipv4_dhcp=true
[security]
passphrase=secret
PC1:
[fscp]
contact=SERVER_IP:12000
[tap_adapter]
ipv4_address_prefix_length=9.0.0.2/24
ipv6_address_prefix_length=2aa1::2/8
[security]
passphrase=secret
PC2:
[fscp]
contact=SERVER_IP:12000
[tap_adapter]
ipv4_address_prefix_length=9.0.0.3/24
ipv6_address_prefix_length=2aa1::2/8
[security]
passphrase=secret
how can I ping PC1 with PC2?
Its ok if I need assign the ip manually All devices use Windows
again. you need CA and DYNAMIC CONTACT!!!! ~passphrase=secret~
PC1
dynamic_contact_file=PC2.crt
ipv4_address_prefix_length=9.0.0.2
never_contact=9.0.0.2
PC2
dynamic_contact_file=PC1.crt
ipv4_address_prefix_length=9.0.0.3
never_contact=9.0.0.3
This part is responsible for dynamic connection
server:
authority_certificate_file=CA.crt
signature_certificate_file=VPNserver.crt
signature_private_key_file=VPNserver.pem
PC1:
authority_certificate_file=CA.crt
signature_certificate_file=PC1.crt
signature_private_key_file=PC1.pem
dynamic_contact_file=PC2.crt
PC2:
authority_certificate_file=CA.crt
signature_certificate_file=PC2.crt
signature_private_key_file=PC2.pem
dynamic_contact_file=PC1.crt
This part is responsible for dynamic connection
server:
authority_certificate_file=CA.crt signature_certificate_file=VPNserver.crt signature_private_key_file=VPNserver.pem
PC1:
authority_certificate_file=CA.crt signature_certificate_file=PC1.crt signature_private_key_file=PC1.pem dynamic_contact_file=PC2.crt
PC2:
authority_certificate_file=CA.crt signature_certificate_file=PC2.crt signature_private_key_file=PC2.pem dynamic_contact_file=PC1.crt
I understand now, thank you!!! I am very begginer sorry for all the dumb questions haha
@guilhermecugler did you manage to make this work? I would like to know your point of view and the results you achived.
@guilhermecugler did you manage to make this work? I would like to know your point of view and the results you achived.
yes, but I had to generate 1 certificate for each new machine, I even managed to generate it automatically for a while but it stopped working... I ended up migrating to OpenVPN which suited me perfectly. (the lan was for a p2p game)
@guilhermecugler I'm trying to use Openvpn to play LAN games, but I can't find other players in the LAN game list. Is there a way to solve it?
Please help me set up a FreeLAN for games on a virtual network with friends. There is conditionally one server (Linux Debian (St also on Windows 8.1 as reserve that configs approached if that), with white IP and open port) and many clients (Windows XP, 7, 8.., etc). It is necessary that clients saw each other (that the host of any game could become any of them) that passed pings and other, i.e. as a usual local area network. Still it is necessary to forbid VPN clients to go through the VPN server to the Internet, i.e. that all clients had access only to each other. And we need to address is issued by server via DHCP, not to specify the IP each time to a new client.