[AG-TECH] Using Access Grid with Ethernet Bridged OpenVPN

Andrew A Rowley Andrew.Rowley at manchester.ac.uk
Tue Oct 31 04:20:01 CST 2006 

Hi,

I have often used the VPN at Manchester from various locations, mostly in the UK.  I think this is a hardware VPN solution, so this may explain why it works well.  It certainly allows you to use the AG bridged (our VPN network is not multicast enabled) from behind a restrictive firewall, so long as the VPN outgoing port is enabled.  I have even used this to run AG over wireless, where our wireless network only allows traffic outgoing over TCP ports 80 and the VPN port.

Regarding a software VPN, this should work if it is configured correctly, but configuring VPNs can be quite hard.  I would think that an L2TP IPSec VPN with IKE configuration would probably work well.  I am fairly sure that this sort of set up would be possible with OpenVPN.

Andrew :)

============================================
Access Grid Support Centre,
RSS Group,
Manchester Computing,
Kilburn Building,
University of Manchester,
Oxford Road,
Manchester, 
M13 9PL, 
UK
Tel: +44(0)161-275 0685
Email: Andrew.Rowley at manchester.ac.uk 

> -----Original Message-----
> From: owner-ag-tech at mcs.anl.gov [mailto:owner-ag-tech at mcs.anl.gov] On
> Behalf Of Many Ayromlou
> Sent: 30 October 2006 21:57
> To: Doug Baggett
> Cc: ag-tech
> Subject: Re: [AG-TECH] Using Access Grid with Ethernet Bridged OpenVPN
> 
> Hi Doug,
> 
> A while back I tried OpenVPN (mac client @ home behind NAT/Router---
>  >linux server on open network) and although other stuff worked, I
> could not get AG going (I was not using bridged mode though.....I was
> using the other mode.....don't remember right now).
> 
> I have since tried to run it with an L2TP type VPN (Mac notebook
> running osx behind NAT/Router --> Mac OSX Server on open network) and
> AG3 works quite well. I've been able to get somewhere near 14-16
> videos smoking my 6Mb dsl link. I've also tried this from behind a
> firewall at work (mac notebook behind a really strict firewall
> blocking ports 1024+ UDP/TCP ---> same mac OSX server on open
> network) and AG3 works fine.
> 
> So to answer your question OpenVPN did not work for me and I admit it
> was not the same situation you're describing. L2TP worked fine behind
> NAT and also behind a pretty strict firewall.
> 
> TTYL
> Many
> On 30-Oct-06, at 1:35 PM, Doug Baggett wrote:
> 
> > Has anybody tried using Access Grid using bridged Ethernet and
> > OpenVPN?
> > (www.openvpn.net)
> >
> > OpenVPN supports TCP instead of UDP, and I have users behind
> > Firewalls that
> > restrict outbound UDP and I have a server that I could use as the
> > endpoint
> > that sits
> >
> > I know there would be a performance hit using TCP, but on a high
> > performance
> > network it would be interesting to know if anybody has given it a try.
> >
> > -Doug B
> > OCI/NSF
> >
>

More information about the ag-tech mailing list