|
|
I received this message privately, it has some useful info on using Proxy ARP on Windows. James *************** While this may not be a full bridge in the traditional sense, it appears to fit my need and maybe useful to others. Noting the Ethernet bridging comment '... requires Windows XP or higher ...' on the page: http://openvpn.sourceforge.net/INSTALL-win32.html, yesterday I knocked up a utility to add/remove a proxy-arp address to/from a network interface under Win2k/XP. It uses the IPHelper functions: CreateProxyArpEntry() & DeleteProxyArpEntry() documented here: http://msdn.microsoft.com/library/en-us/iphlp/iphlp/ip_helper_functions.asp However, the WinCE version pages have better usage information here: http://msdn.microsoft.com/library/en-us/wcetcpip/html/ceconIPHelperFunctions asp It would be good if you could add this functionality to the core OpenVPN application, maybe using a config keyword such as 'proxy-arp' to activate proxying of a remote-end virtual address on the local-end LAN. This operation is useful where modification of the remote network's routing setup is not possible coupled with the need for connectivity to other remote-end routable subnets that are not directly routable locally. The steps are as follows: 1) an openvpn is set up between two different physical LANs, using two additional addresses from the remote LAN as the virtual vpn addresses; 2) the local-end virtual address is proxy-arp'ed on the remote-end physical LAN interface; 3) routing is enabled on the remote machine by setting the following registry value: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IPEnab leRouter(REG_DWORD)=1 this requires a reboot to take effect and can be seen through 'ipconfig/all'. For reference, included below are the 'ovpn' files from both machines. Any comments ? BTW: I was looking for a Windows implementation of OpenVPN in Nov2002 but it seemed not to exist at that point. I didn't look again until last week and realised that I must have been just a little too early. Anyway, many thanks to you and any others involved in pulling together such a cohesive Windows implementation. Best regards - Martin Local-End Machine (mine) ------------------------ remote 172.27.1.249 dev tun tun-mtu 1500 ifconfig 172.27.1.238 172.27.1.237 ping 10 comp-lzo verb 4 mute 10 Remote-End Machine ------------------ remote 172.27.10.1 dev tun tun-mtu 1500 ifconfig 172.27.1.237 172.27.1.238 up "..\\bin\\proxyarp 172.27.1.238 255.255.255.128" down "..\\bin\\proxyarp 172.27.1.238" ping 10 comp-lzo verb 4 mute 10 ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |