• HomePage
• SideBar

Installation

• Debian
• CentOS
• Gentoo
• Mac-OS
• FreeBSD
• Ubuntu

Upgrades

• Debian Etch to Lenny
• DTC-Xen Squeeze

DTC-Xen Installation

• A server with DTC-Xen
  • RAID1 and LVM
  • The xen kernel
  • DTC-Xen
  • Customization
  • Big partitions (> 2TB)
  • OS and appliances
• Debian
• CentOS

FAQ

• FAQ

Howtos

• SBOX and DTC
• Backup MX and NS
• Writing a Packager
• Debian PureFTP fix
• FTP Backup
• Scripting DTC
• Your first steps
• Disaster recovery
• New Server Migration
• Renewing pop3 ssl certs
• Setting up smtp tls
• Tuning your Mysql
• Dirvish & Automysqlbackup
• Setup Open VPN quickly
• Rename your DTC VPS
• Rename your DTC Xen Host
• Change your DTC Main IP Address
• Customer SSL Certs
• Change PHP Safe Mode
• Change Directory Index for Domain
• Managing The Mail System
• Setup Test DTC System
• Setup Netflow Traffic Monitoring
• Setup a Nagios Monitoring System
• Keep Your System Up to Date
• How do Custom products work

Manuals

• Users
• Administrators

Features

• General
• Admin
• Client

Roadmap

• Roadmap
• IPv6 Roadmap
• Virtualization

Devel docs

• Translating DTC
• Directory Structure
• The installer
• Adding fields SQL
• Config values of the panel
• Template system
• Git help
• Plugins
• Build the Package
• About Xen VM image packaging

Wiki - i18n

• Francais
• Brazilian
• 中文
• Español
  • Instalación de DTC

Wiki - Meta

• Search site
• All recent changes
• Preferences

• View
• Edit
• History
• Print
• Backlinks

Have different clients with openvpn being assigned different public IPs

1. Comment out the MASQ line in /etc/init.d/lan

    # $IPTABLES -t nat -I POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

2. Edit /etc/openvpn/server.conf and add

   client-connect /etc/openvpn/clientconnect.sh
   client-disconnect /etc/openvpn/clientdisconnect.sh

3. Create these two files with the following contents

   --- /etc/openvpn/clientconnect.sh ---
   #!/bin/bash
   # /usr/bin/env >>/tmp/client-connect.env
   # $ifconfig_pool_remote_ip=10.8.0.6
   # $common_name=client1
   # set -x
   OUT_DEV=eth0
   IPTABLES=/sbin/iptables
   client1ip=1.2.3.4
   client2ip=1.2.3.5

   echo "Attempting to connect $common_name $ifconfig_pool_remote_ip..." >>/tmp/client.log
   if [ "$common_name" == "client1" ]; then
        echo $IPTABLES -t nat -A POSTROUTING -s $ifconfig_pool_remote_ip/32 -o $OUT_DEV -j SNAT --to-source $client1ip >> /tmp/client-connect.env.client1
        $IPTABLES -t nat -I POSTROUTING -s $ifconfig_pool_remote_ip/32 -o $OUT_DEV -j SNAT --to-source $client1ip
   elif [ "$common_name" == "client2" ]; then
        $IPTABLES -t nat -I POSTROUTING -s $ifconfig_pool_remote_ip/32 -o $OUT_DEV -j SNAT --to-source $client2ip
   else
        echo "Connect: $common_name $ifconfig_pool_remote_ip" >>/tmp/client.log
        echo $IPTABLES -t nat -I POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE >> /tmp/client.log
        $IPTABLES -t nat -I POSTROUTING -s $ifconfig_pool_remote_ip/32 -o eth0 -j MASQUERADE
   fi

   --- /etc/openvpn/clientdisconnect.sh ---
   #!/bin/bash
   # /usr/bin/env >>/tmp/client-connect.env
   # $ifconfig_pool_remote_ip=10.8.0.6
   # $common_name=client1
   # set -x
   OUT_DEV=eth0
   IPTABLES=/sbin/iptables
   client1ip=1.2.3.4
   client2ip=1.2.3.5

   echo "Attempting to connect $common_name $ifconfig_pool_remote_ip..." >>/tmp/client.log
   if [ "$common_name" == "client1" ]; then
        echo $IPTABLES -t nat -D POSTROUTING -s $ifconfig_pool_remote_ip/32 -o $OUT_DEV -j SNAT --to-source $client1ip >> /tmp/client-connect.env.client1
        $IPTABLES -t nat -D POSTROUTING -s $ifconfig_pool_remote_ip/32 -o $OUT_DEV -j SNAT --to-source $client1ip
   elif [ "$common_name" == "client2" ]; then
        $IPTABLES -t nat -D POSTROUTING -s $ifconfig_pool_remote_ip/32 -o $OUT_DEV -j SNAT --to-source $client2ip
   else
        echo "Disconnect: $common_name $ifconfig_pool_remote_ip" >>/tmp/client.log
        #echo $IPTABLES -t nat -D POSTROUTING -s $ifconfig_pool_remote_ip/32 -o eth0 -j MASQUERADE >> /tmp/client.log
        $IPTABLES -t nat -D POSTROUTING -s $ifconfig_pool_remote_ip/32 -o eth0 -j MASQUERADE
   fi