[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] more refined bridge


  • Subject: Re: [Openvpn-users] more refined bridge
  • From: Joe Marchi <joe@xxxxxxxxxxx>
  • Date: Tue, 27 Sep 2005 05:56:15 -0700

Jeff, just wondering if eth0 has a public IP or a private one. I have a similar setup, my client would be attempting to conncect to an internal IP through eth0 which is on a public.

--
Joe

Jeff Sadowski wrote:
OK wow this project rules I'm gonna test this on my
works network if my other engineers agree and we
implement it expect to be rewarded :-) I'll probably
just donate anyways. I work as a sysadmin and a
consultant and this would be a hell of a product to
sell. :-)

Ok my final setting are as follows
my /etc/openvpn/server.conf looks as follows

#/etc/openvpn/server.conf
tls-server
daemon
port 1194
proto udp
dev tap0
ca   /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key  /etc/openvpn/easy-rsa/keys/server.key
dh   /etc/openvpn/easy-rsa/keys/dh1024.pem
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status /var/log/openvpn-status.log
log    /var/log/openvpn.log
verb 4
#/etc/openvpn/server.conf

then to start it I do the following

openvpn --config /etc/openvpn/server.conf
brctl addbr br0
brctl addif br0 tap0
brctl addif br0 eth0
ifconfig tap0 promisc up 0.0.0.0
ifconfig eth0 promisc up 0.0.0.0
dhclient br0

then I can start my client
My server has a fixed address also of 192.168.168.1
here is how my client looks

#c:\\progra~1\\openvpn\\config\client.ovpn
client
dev tap
proto udp
remote 192.168.168.1 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca c:\\progra~1\\openvpn\\easy-rsa\\keys\\ca.crt
cert
c:\\progra~1\\openvpn\\easy-rsa\\keys\\jeffs-vmware-xp.crt
key c:\\progra~1\\openvpn\\easy-rsa\\keys\\jeffs-vmware-xp.key
comp-lzo
verb 4
#c:\\progra~1\\openvpn\\config\client.ovpn


and I start it via the openvpn gui in the task tray

So this allows my virtual machine to be on the same
network as my real machine with a dhcp address on my
real machine and on my virtual machine.

I only did this because vmwares ethernet bridge was
broken but like I said I will try implementing it at
work. I am one of 2 sysadmins and I'm sure my couter
part will like it. It also must be pushed past are
bosses :-)

What I like most is it works on linux and windows.

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com



-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users