OpenVPN & VLANs - server config problem

07-08-2009, 02:56 PM
Hi Guys,

I'm trying to set up OpenVPN to do the following:

Tunneling is done at layer 2 (tap)
There are several client groups, none of whom I can trust
The groups don't trust each other either
Each client group needs to be segregated on the server, in a way that I can trunk
Each client connecting to the server is assigned to a group based on their authentication information
There can only be one server instance
My current idea for achieving this is to put each client group into a separate VLAN, but the problem is that one server instance == one tap interface, i.e. all client groups share the same tap interface, and therefore I can't find a way to separate them.

I am more than happy to do some more scripting to achieve this if required, but at the moment I'm stumped as to what I should do.

Any ideas?


07-08-2009, 11:33 PM
This may do what you want:

Not based on OpenVPN, but could be an alternative.

08-08-2009, 12:07 PM
Sorry - thanks for the suggestion, but that completely misses the point of what I'm trying to do.

Note also that OpenVPN is basically a requirement - it would take a *very* compelling reason for me to ditch it and replace it with something else.