Differences

This shows you the differences between two versions of the page.

--- user_guide:openvpn_bridges [2016/09/26 04:59] – [Steps Involved] admin
+++ user_guide:openvpn_bridges [2020/08/12 13:37] (current) – [The Hardware] admin
@@ Line 1: / Line 1: @@
 ====== OpenVPN Bridges ======
+{{ :user_guide:apdesk:openvpn_bridge.png?nolink |}}
 ===== Introduction =====
   * We are very exited about a new feature which is now part of  **MESHdesk** as well as **APdesk**.
@@ Line 12: / Line 13: @@
 ===== Our Setup =====
-  * For this document we will have the configure the following setup.
+For this document we will configure the following setup.
-    * One Ubuntu 14.04 server with two Ethernet cards and one public IP Address.
+==== The Hardware ====
+    * One Ubuntu 18.04 server with two Ethernet cards and one public IP Address.
       * Eth1 will have the Public IP Address (198.27.111.78)
       * Eth0 will be segmented using VLANs.
-      * We will not need any VLAN capable switches.
+      * We will **not** need any VLAN capable switches.
     * Another server (can be the same) running the latest SVN of RADIUSdesk
     * An Access Point with Internet access, running the latest build from SVN of the MESHdesk firmware.
+<WRAP center round info 90%>
+== Only one Ethernet port? ==
+  * If your server has only one Ethernet port it is not a train smash!
+  * We offer an alternative which will use the **dummy** module to mimick a real Ethernet port.
+</WRAP>
+==== Segmenting Using VLANs ====
   * We will use VLANs configured on Eth0 as follows:
     * VLAN 101 will have Address range 10.101.0.0/16.
@@ Line 27: / Line 39: @@
     * br0.102 are bridged with eth0.102.
     * br0.103 are bridged with eth0.103.
+==== The VPNs ====
   * The other side of the bridge is a VPN tunnel.
     * We will create three instances of OpenVPN in server mode.
     * Each of these instances will be bound to a common IP Address (198.27.111.78) but it will have a unique port to ensure uniqueness.
+==== The Captive Portals ====
     * Each of the bridges will have a Coova Chilli captive portal running.
       * The IP Address range of each of these Coova Chilli instances will be such that it can provide enough IP Addresses but also in such a manner that the OpenVPN server will be able to provide up to 100 Clients with IP Addresses and the RADIUSdesk server should provide another 100 Clients with IP Addresses without a conflict.
@@ Line 37: / Line 55: @@
  ===== Steps Involved =====
-  * Prepare the hardware and OS
+  * [[user_guide:openvpn_bridges_prep_os|Prepare the hardware and OS]]
-  * Install and configure OpenVPN
+  * [[user_guide:openvpn_bridges_prep_openvpn|Install and configure OpenVPN]]
-  * Install and configure CoovaChilli
+  * [[user_guide:openvpn_bridges_prep_coova|Install and configure CoovaChilli]]
-  * Configure RADIUSdesk
+  * [[user_guide:openvpn_bridges_prep_radiusdesk|Configure RADIUSdesk, MESHdesk and APdesk]]
-  * Configure MESHdesk
-  * Configure APdesk
--------------------------
-===== Prepare the hardware and OS =====
+-------------------------
-  * In order for us to run VLANs on the server we need to install the VLAN module
-<code bash>
-#Install the VLAN package
-sudo apt-get update
-sudo apt-get install vlan
-#Permanently load the module during boot time
-sudo su -c 'echo "8021q" >> /etc/modules'
-#Reboot the server
-sudo reboot
-#Confirm that it is loaded
-lsmod  | grep 8021q
-</code>
-  * In order for us be be able to use the bridging capabilities on the server, we need to install the bridge utilities.
-<code bash>
-#Install the bridge-utils package
-sudo apt-get update
-sudo apt-get install bridge-utils
-</code>
-  * Edit the **/etc/network/interfaces** file to contain the following configuration.
-<code bash>
-#Remember also to configure eth1 to contain the public IP Address...
-auto eth0.101
-iface eth0.101 inet manual
-        up ip link set $IFACE up promisc on
-auto br0.101
-iface br0.101 inet static
-        address 10.101.0.1
-        netmask 255.255.0.0
-        bridge_ports eth0.101
-auto eth0.102
-iface eth0.102 inet manual
-        up ip link set $IFACE up promisc on
-auto br0.102
-iface br0.102 inet static
-        address 10.102.0.1
-        netmask 255.255.0.0
-        bridge_ports eth0.102
-auto eth0.103
-iface eth0.103 inet manual
-        up ip link set $IFACE up promisc on
-auto br0.103
-iface br0.103 inet static
-        address 10.103.0.1
-        netmask 255.255.0.0
-        bridge_ports eth0.103
-</code>
-   * Reboot the server and confirm that it came up with these bridges configured.
-<code bash>
-#Issue the ifconfig command to confirm the br0.101, br0.102 and br0.103 are up and has the correct IP Address.
-#Also use the brctl command to show you the bridges present
-system@rd:~$ brctl show
-bridge name	bridge id		STP enabled	interfaces
-br0.101		8000.000c294aafdf	no		eth0.101
-br0.102		8000.000c294aafdf	no		eth0.102
-br0.103		8000.000c294aafdf	no		eth0.103
-</code>

RADIUSdesk

Page Tools

Site Tools

User Tools

Differences