Forwarding Address: OS X

Sunday, August 24, 2003

i've been going through the its-the-end-of-the-summer-so-lets-secure-the-house-network fiasco. my home network is managed by one firewall linux box that has three NICs in it -- one for the outside world, one for my wired network, and one for my wireless network. the wireless network is fully open, but it is firewalled off and cannot see the wired network at all. what i wanted was a vpn solution that would let me log onto the network from my tibook and get an encrypted link into my wired network.

i've been tinkering with openvpn as my vpn solution. it really works well even when both ends obtain their IP addresses from a DHCP server and instead of doing something funky as most vpn implementations do, this actually sets up a virtual interface tun0 on your box that you can send packets back and forth through. after setting it up on the firewall box, i followed pfisterer's os x instructions and after mangling the routing table with the following route command

route add -net 10.0.0.0/255.255.255.0 192.168.2.2

i got all the packets destined for 10.0.0.0/24 on my tibook to route over tun0 and into my wired network just perfectly. now if only somebody made a nicer interface so i didn't have to do everything using sudo on the command line... free, kick-butt software!
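
An added example (not part of the original post) of what that route does: a longest-prefix lookup over a constructed routing table, showing that only 10.0.0.0/24 goes through tun0 and that without the route the same traffic would leave over the open wireless interface. The wireless subnet, the default gateway 192.168.1.1 and the interface name en1 are assumptions; only the 10.0.0.0/24 route via 192.168.2.2 and tun0 come from the post.

```python
import ipaddress

# Constructed routing table for the laptop: (destination, gateway, interface).
# Assumed values: wireless subnet 192.168.1.0/24, default gateway 192.168.1.1,
# wireless interface en1. From the post: 10.0.0.0/24 via 192.168.2.2 on tun0.
ROUTES = [
    ("0.0.0.0/0", "192.168.1.1", "en1"),      # everything else: open wireless
    ("192.168.1.0/24", None, "en1"),          # directly connected wireless subnet
    ("192.168.2.2/32", None, "tun0"),         # far end of the openvpn tunnel
    ("10.0.0.0/24", "192.168.2.2", "tun0"),   # the route added in the post
]


def lookup(dest, routes=ROUTES):
    """Return (network, gateway, interface) of the most specific matching route."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, gateway, ifname in routes:
        net = ipaddress.ip_network(prefix)
        # Longest prefix wins, as in a real kernel routing table.
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, ifname)
    if best is None:
        raise LookupError("no route to " + dest)
    return best


def uses_tunnel(dest, routes=ROUTES, tunnel_if="tun0"):
    """True if traffic to dest would be sent through the encrypted tunnel."""
    return lookup(dest, routes)[2] == tunnel_if


def audit(destinations, routes=ROUTES):
    """Map each destination to the interface it would leave on."""
    return {d: lookup(d, routes)[2] for d in destinations}


if __name__ == "__main__":
    targets = ["10.0.0.5", "192.168.1.1", "192.0.2.10"]
    print("with vpn route:   ", audit(targets))
    # Same table before the route command was run: wired-network traffic
    # falls through to the default route on the open wireless interface.
    before = [r for r in ROUTES if r[0] != "10.0.0.0/24"]
    print("without vpn route:", audit(targets, before))
```

Only the wired network's prefix is tunnelled here; anything matching the default route still crosses the open wireless network outside the vpn.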