Thread Rating:
  • 1 Vote(s) - 2 Average
  • 1
  • 2
  • 3
  • 4
  • 5

OpenVPN configuration for LAN gaming
#1

To be able to play LAN games over OpenVPN tunnel, please follow OpenVPN manual and create your unique certificates, one for server and one for players.
Also create one additional certificate using openvpn --genkey --secret tls-auth.key for handshakes.

On the server machine you also have to open the port in public IP / redirect the port to your internal PC.
The situation is as follows: a minimum of two players both have Windows, at least one has to have public IP/open port (42222). All other clients connect to him and they make a fast and secure virtual LAN network for games. None of them uses the chosen IP range for local network, in this example 10.5.5.0/24.

Use this server config:
Code:
port 42222
proto udp
dev tap
tun-ipv6

tls-auth tls-auth.key 0
ca       lan-ca.crt
cert     lan-server.crt
key      lan-server.key
dh       lan-dh2048.pem

tls-version-min 1.2
cipher AES-256-CBC
auth SHA256
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
remote-cert-eku "TLS Web Client Authentication"

server 10.5.5.0 255.255.255.0

server-ipv6 fc11:0:1054::/64
push route-ipv6 fc11:0:1054::/64

duplicate-cn
keepalive 10 120

comp-lzo
persist-key

route-metric 1
route 0.0.0.0 0.0.0.0 10.5.5.1 10001

push "route-metric 1"
push "route 0.0.0.0 0.0.0.0 10.5.5.1 10001"

client-to-client

status status-server-lan.log 60

and this client config:
Code:
remote 111.111.111.111
float

tls-client
port 42222
proto udp
dev tap
tun-ipv6
nobind

resolv-retry infinite

tls-auth tls-auth.key 1
ca       lan-ca.crt
cert     lan-client.crt
key      lan-client.key

tls-version-min 1.2
cipher AES-256-CBC
auth SHA256
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
remote-cert-eku "TLS Web Server Authentication"

pull dhcp-options

mute 10
comp-lzo
verb 1

Change 111.111.111.111 to match your server's IP. The predefined routes will take care of priorities and in most games the players should see each other and the server.
Just one more thing - you need to make sure the virtual device is given the highest priority (even above LAN or WiFi). You can do so by renaming your OpenVPN TAP network adapter to "OpenVPN" and running these commands from command line:
Code:
netsh int ipv4 set interface OpenVPN metric=2
   netsh int ipv6 set interface OpenVPN metric=2

I recommend creating gameserver on the server machine to minimize latency. And the very last thing would be to add the network range to trusted networks in your firewall (once and for good).

[Image: kavove-zrnka-lajna.jpg]
Coffee phreak!
Reply
#2

Thanks, it worked for me for most LAN games but FIFA 11.

I've created lobby room and everyone could see it but they couldn't connect to it.

Any idea?
Reply
#3

spectre: Sorry, try to google for solution, maybe game needs patching and/or fixed exe. Tunngle forums might be valuable source for multiplayer issues others are having.

[Image: kavove-zrnka-lajna.jpg]
Coffee phreak!
Reply
#4

Thanks for your quick response. Actually I've searched a lot and didn't find anything related but the topic below:

https://versatile1.wordpress.com/2011/11...g-tunngle/

And I did its instruction and it didn't help.
Reply
#5

Disabling other adapters is good only in case you don't set merit correctly or the game is broken. I've tested this configuration successfully with Flatout 2, UT 2004 and several Borderlands.
Sorry, but I'm afraid I can't help you more. You can always try using Wireshark and watch what packets come and go, but fixing the problem could be difficult.

[Image: kavove-zrnka-lajna.jpg]
Coffee phreak!
Reply
#6

Participants of The contexto game , a web-based word game that is free to play, are given an infinite number of chances to correctly identify a different unique word each day.
Reply
#7

It's not work. Try searching for an answer on Google. You can keep playing the same game through girls games
Reply
#8

Your post is very informative and helpful for us. In fact, I have been looking for this type of article for some days. This is why you will need to look for a DDoS protection services to provide you with the assistance and help you'll need.
Reply




Users browsing this thread: 1 Guest(s)