OpenVPN configuration for LAN gaming

User avatar
Ashus
Administrátor
Posts: 417
Joined: 07. 07. 2007 10:51
Location: Ostrava - Polanka nad Odrou
Contact:

OpenVPN configuration for LAN gaming

Postby Ashus » 31. 12. 2014 04:26

To be able to play LAN games over OpenVPN tunnel, please follow OpenVPN manual and create your unique certificates, one for server and one for players.
Also create one additional certificate using openvpn --genkey --secret tls-auth.key for handshakes.

On the server machine you also have to open the port in public IP / redirect the port to your internal PC.
The situation is as follows: a minimum of two players both have Windows, at least one has to have public IP/open port (42222). All other clients connect to him and they make a fast and secure virtual LAN network for games. None of them uses the chosen IP range for local network, in this example 10.5.5.0/24.

Use this server config:

Code: Select all

port 42222
proto udp
dev tap
tun-ipv6

tls-auth tls-auth.key 0
ca       lan-ca.crt
cert     lan-server.crt
key      lan-server.key
dh       lan-dh2048.pem

tls-version-min 1.2
cipher AES-256-CBC
auth SHA256
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
remote-cert-eku "TLS Web Client Authentication"

server 10.5.5.0 255.255.255.0

server-ipv6 fc11:0:1054::/64
push route-ipv6 fc11:0:1054::/64

duplicate-cn
keepalive 10 120

comp-lzo
persist-key

route-metric 1
route 0.0.0.0 0.0.0.0 10.5.5.1 10001

push "route-metric 1"
push "route 0.0.0.0 0.0.0.0 10.5.5.1 10001"

client-to-client

status status-server-lan.log 60
and this client config:

Code: Select all

remote 111.111.111.111
float

tls-client
port 42222
proto udp
dev tap
tun-ipv6
nobind

resolv-retry infinite

tls-auth tls-auth.key 1
ca       lan-ca.crt
cert     lan-client.crt
key      lan-client.key

tls-version-min 1.2
cipher AES-256-CBC
auth SHA256
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
remote-cert-eku "TLS Web Server Authentication"

pull dhcp-options

mute 10
comp-lzo
verb 1
Change 111.111.111.111 to match your server's IP. The predefined routes will take care of priorities and in most games the players should see each other and the server.
Just one more thing - you need to make sure the virtual device is given the highest priority (even above LAN or WiFi). You can do so by renaming your OpenVPN TAP network adapter to "OpenVPN" and running these commands from command line:

Code: Select all

   netsh int ipv4 set interface OpenVPN metric=2
   netsh int ipv6 set interface OpenVPN metric=2
I recommend creating gameserver on the server machine to minimize latency. And the very last thing would be to add the network range to trusted networks in your firewall (once and for good).
Image
Coffee phreak!
spectre
Posts: 2
Joined: 25. 02. 2016 09:37

Re: OpenVPN configuration for LAN gaming

Postby spectre » 25. 02. 2016 09:41

Thanks, it worked for me for most LAN games but FIFA 11.

I've created lobby room and everyone could see it but they couldn't connect to it.

Any idea?
User avatar
Ashus
Administrátor
Posts: 417
Joined: 07. 07. 2007 10:51
Location: Ostrava - Polanka nad Odrou
Contact:

Re: OpenVPN configuration for LAN gaming

Postby Ashus » 25. 02. 2016 10:37

spectre: Sorry, try to google for solution, maybe game needs patching and/or fixed exe. Tunngle forums might be valuable source for multiplayer issues others are having.
Image
Coffee phreak!
spectre
Posts: 2
Joined: 25. 02. 2016 09:37

Re: OpenVPN configuration for LAN gaming

Postby spectre » 25. 02. 2016 10:57

Thanks for your quick response. Actually I've searched a lot and didn't find anything related but the topic below:

https://versatile1.wordpress.com/2011/1 ... g-tunngle/

And I did its instruction and it didn't help.
User avatar
Ashus
Administrátor
Posts: 417
Joined: 07. 07. 2007 10:51
Location: Ostrava - Polanka nad Odrou
Contact:

Re: OpenVPN configuration for LAN gaming

Postby Ashus » 23. 06. 2016 01:10

Disabling other adapters is good only in case you don't set merit correctly or the game is broken. I've tested this configuration successfully with Flatout 2, UT 2004 and several Borderlands.
Sorry, but I'm afraid I can't help you more. You can always try using Wireshark and watch what packets come and go, but fixing the problem could be difficult.


Last bumped by Ashus on 23. 06. 2016 01:10.
Image
Coffee phreak!

Who is online

Users browsing this forum: No registered users and 1 guest

cron