I am trying to create a bridged network where the VPN machine is behind another firewall machine, but I can't figure out how to bridge my tap0 device to the eth0 device so that my Windows 2000 VPN client will connect to the server.

I am unable to find examples where individuals don't have private class IPs for their LANs (using NAT to route traffic to the Internet).

I have successfully gotten routing to work when the machine was placed outside of our firewall; now I want to use bridging with the VPN machine inside the firewall.

I get the following error when trying to connect with my Windows 2000 VPN client:

"write UDPv4: No Route to Host (WSAEHOSTUNREACH)".

What additional routes do I need to set up to allow the Windows VPN clients to connect to the Linux VPN server to browse network resources and connect to the Internet? I don't believe I need two network cards. I should be able to use just one. All of the addresses on my LAN are Internet routable (no NATing is used).

Also, the documentation talks about the VPN client being assigned an IP from your local LAN:

"Ethernet bridging is a powerful networking capability that allows remote systems (such as "Road Warriors") to connect over a VPN to an ethernet LAN in such a way that their system appears to be directly connected to the LAN, i.e. they have an IP address taken right from the LAN's subnet and they are able to interact with other hosts on the LAN including sending and receiving broadcasts and being able to conveniently browse and access the Windows network neighborhood."

How do you set things up to allow our Windows VPN clients to obtain an IP from our internal LAN? DHCP?

My internal LAN is xxx.203.227.129 thru xxx.203.227.254.

Here is my current route table and interface setups:

Kernel IP routing table
Destination      Gateway  Genmask          Flags Metric Ref Use Iface
xxx.203.227.128  0.0.0.0  255.255.255.128  U     0      0   0   br0

br0   Link encap:Ethernet HWaddr 00:21:90:18:7E:CA
      inet addr: xxx.203.227.130 Bcast:xxx.203.227.255 Mask:255.255.255.128
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:140639 errors:0 dropped:0 overruns:0 frame:0
      TX packets:88689 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:10852694 (10.3 Mb) TX bytes:5290503 (5.0 Mb)

eth0  Link encap:Ethernet HWaddr 00:21:90:18:7E:CA
      UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
      RX packets:406023 errors:0 dropped:0 overruns:0 frame:0
      TX packets:99793 errors:0 dropped:0 overruns:0 carrier:0
      collisions:686 txqueuelen:1000
      RX bytes:47651504 (45.4 Mb) TX bytes:9182351 (8.7 Mb)
      Interrupt:9 Base address:0xe400

tap0  Link encap:Ethernet HWaddr 00:FF:A9:9F:C9:F1
      UP BROADCAST RUNNING PROMISC MULTICAST MTU:1400 Metric:1
      RX packets:310 errors:0 dropped:0 overruns:0 frame:0
      TX packets:218897 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:41188 (40.2 Kb) TX bytes:16293388 (15.5 Mb)

Thanks,
--
Steve Grimes
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users