[Xen-users] interactions between xen and openvpn

[Luca Sironi <luca@xxxxxxxxx>]

Hi all, first time that i tried to use xen.
My goal is to reach in ssh all the domUs after i manage to get a
connection through openvpn.
Like they were real servers.
I installed  the openvpn server on my dom0 (ubuntu 9.04 + default
package + latest debian-xen-amd64 kernel)
After connecting to the openvpn server I'm able to do direct ssh just
to the dom0.
For reaching domU i had do it with ssh from dom0.
The communication between dom0 and domU is perfect.

I tried also the opposite, with openvpn on the domU.
In this case i can of course ssh directly on domU but not on dom0
avoiding to pass through a domU shells.

I think i'm not able to proper set a return route on the other server.

Here's my lan details.

dom0 (ubuntu/debian) is
192.168.100.5 on eth0 (the gw for internet is 192.168.100.2, openvpn
port is forwarded to 192.168.100.5)
192.168.3.1 on tun0 (openvpn)

domU (netbsd 5.0) is
192.168.100.7 on xennet0

dom0 openvpn server.conf is like this

dev tun
port 443
server 192.168.3.0 255.255.255.0
client-to-client
push "route 192.168.3.0 255.255.255.0"

domU configuration file is like this

vif = ['mac=00:16:3e:70:01:05,bridge=xenbr0']
ip = "192.168.100.7"
netmask = "255.255.255.0"
gateway = "192.168.100.2"

my thought is that i had to put on domU a route for 192.168.3.0
(that's the network used by openvpn client )
towards the local ip of the openvpn server (so in this case 192.168.100.5)
But it's not working.

Is there a suggested way of reaching this goal?
I don't care about openvpn position, it can be on dom0 or on one of domU.
With tun or tap.
I'm using tap because i did it once to reach a lan of real servers.

hope to have putted all the details needed

br
Luca

-- 
http://www.sironi.tk

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users