/etc/init.d/openvpn start. You should see:

chris@solo:~$ /etc/init.d/openvpn start
Starting virtual private network daemon:Tue Oct 10 18:21:03 2006 TUN/TAP device tap0 opened
Tue Oct 10 18:21:03 2006 Persist state set to: ON
server.

tap0 adapter and the push-route script - these are the two entries I’ve found most commonly confuse people.

# Which TCP/UDP port should OpenVPN listen on?
port 1194

# TCP or UDP server?
proto udp

# "dev tap" will create an ethernet tunnel.
dev tap0

ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem

# Configure server mode for ethernet bridging
server-bridge 192.168.4.3 255.255.255.0 192.168.4.200 192.168.4.254

# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
push "route 192.168.4.0 255.255.255.0"

# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
;push "dhcp-option DNS 192.168.4.1"

# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
client-to-client

# Enable compression on the VPN link.
# If you enable it here, you must also
# enable it in the client config file.
comp-lzo

# The maximum number of concurrently connected
# clients we want to allow.
max-clients 5

# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
#
# You can uncomment this out on
# non-Windows systems.
user nobody
group nogroup

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Let's lock-down our server
chroot /etc/openvpn

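A small checker for the hardening directives in the config above (privilege drop paired with the persist options, chroot, client-to-client), as an added example that is not part of the original post. The finding labels and the 2048-bit threshold are this example's own choices, and it assumes the dh file name states the parameter size; 1024-bit DH groups are no longer considered adequate.

```python
import re
import shlex

# Constructed sample: the article's server config with most lines and comments trimmed.
SAMPLE = '''\
key server.key  # This file should be kept secret
dh dh1024.pem
push "route 192.168.4.0 255.255.255.0"
;push "dhcp-option DNS 192.168.4.1"
client-to-client
user nobody
group nogroup
persist-key
persist-tun
chroot /etc/openvpn
'''

def parse(text):
    """Map directive -> list of argument lists; '#' and ';' start comments."""
    conf = {}
    for line in text.splitlines():
        if line.lstrip().startswith((";", "#")):
            continue
        words = shlex.split(line, comments=True)  # keeps quoted args whole
        if words:
            conf.setdefault(words[0], []).append(words[1:])
    return conf

def audit(conf):
    """Return finding labels (the label names are this example's own)."""
    findings = []
    drops = "user" in conf or "group" in conf
    if not drops:
        findings.append("no-privilege-drop")
    # Once root is dropped, a restart cannot re-read the key or reopen the TAP device.
    findings += ["missing-" + o for o in ("persist-key", "persist-tun") if drops and o not in conf]
    if "chroot" not in conf:
        findings.append("no-chroot")
    if "client-to-client" in conf:
        findings.append("clients-can-reach-each-other")
    for args in conf.get("dh", []):
        m = re.search(r"dh(\d+)", args[0]) if args else None
        if m and int(m.group(1)) < 2048:  # assumes the file name states the size
            findings.append("weak-dh-" + m.group(1))
    return findings

if __name__ == "__main__":
    print(audit(parse(SAMPLE)))
```
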
Now, connect to your VPN. Your virtual TAP adapter should be assigned an IP address within the same subnet/range as your server’s br0 IP. Let’s load up iTunes and see if our playlists can be seen remotely.

..oh yes!
October 10, 2006

1 person has left a comment
Hi.
First of all - thanks for this great tutorial.
I have a bridged connection to my openvpn server and everything works fine, but I can’t see the mt-daapd library on my MacBook Pro iTunes.
Appletalk and ping work, though.
Do you know a solution for this problem? Is it possible that Apple changed something in the new iTunes 7.1.1?
ChrizDee