4

I am using openvpn. Once the clients are connected, I would like that they can be addressed by using the names instead of the ip addresses.

e.g. instead of "ping 10.8.0.2" I can use "ping client-name"

How can I achieve that?

I am using openvpn 2.3 on a centos 6.5. I also installed dnsmasq.

megloff
  • 403
  • 4
  • 11

1 Answers1

2

Assuming you have access to your DNS server, you should be able to assign static IPs for each VPN client on your OpenVPN server and then make an entry to that static IP in DNS.

This blog has a nice write up of how to assign static IPs in OpenVPN: http://michlstechblog.info/blog/openvpn-set-a-static-ip-address-for-a-client/

The basic steps are:

  1. Make a directory to save the static IP configs
    • mkdir /etc/openvpn/staticclients
  2. Modify your server's openvpn configfile
    • client-config-dir /etc/openvpn/staticclients
  3. Create a file with the same name as your client's "common name"
    • Use the following command to get the "common name" if you don't know it:
    • openssl x509 -in /etc/openvpn/yourClientCertificate.cer -noout -subject | sed -e 's/.*CN=\(.*\)\/.*/\1/'

  4. Edit this file to contain the following:

    ifconfig-push static.ip.to.assign sub.net.mask.used
push "route any.subnet.to.route its.sub.net.mask"
# push "dhcp-option WINS addr"
# push "dhcp-option DNS addr"
sippybear
  • 3,197
  • 1
  • 13
  • 12