Good day,
I am very new at OpenVPN and have run through quite a couple of the online examples – both those on SourceForge, as well as the HOWTOs on OpenVPN.net.
My connection:
Client (Windows XP) -> Internet -> Shorewall Firewall & OpenVPN on CentOS 4.2 -> LAN
I can connect from the internet to the VPN server no problem, even ping the machines on the LAN, but I am unable to do broadcasts over the link.
The purpose for the setup is primarily for gaming, as many of my friends live about 800 miles from me!
I am not sure if it is a Shorewall issue, as I used to use turtlefirewall, but wanted to try something more scalable.
My configs:
BRIDGE:
#!/bin/bash
br="br0"
tap="tap0"
eth="eth1"
eth_ip="192.168.50.254"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.50.255"
# create the persistent tap device(s) that OpenVPN will attach to
for t in $tap; do
    openvpn --mktun --dev $t
done
# create the bridge and enslave the LAN interface and the tap device(s)
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
    brctl addif $br $t
done
# bring the ports up without an address; the bridge carries the LAN address
for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
SERVER:
dev tap0
# bridge gateway, netmask, and the address pool handed to clients
server-bridge 192.168.50.254 255.255.255.0 192.168.50.10 192.168.50.20
# absolute path, so it is found regardless of the working directory
dh "/etc/openvpn/keys/dh1024.pem"
ca "/etc/openvpn/keys/ca.crt"
cert "/etc/openvpn/keys/server.crt"
key "/etc/openvpn/keys/server.key"
port 1195
comp-lzo
client-to-client
user nobody
group nobody
ping 15
ping-restart 45
ping-timer-rem
persist-tun
persist-key
verb 3
CLIENT:
client
dev tap
proto udp
remote ****.net 1195
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\werner.crt"
key "C:\\Program Files\\OpenVPN\\config\\werner.key"
comp-lzo
verb 3
Firewall (Shorewall):
ZONES:
#ZONE    DISPLAY    COMMENTS
lan      lan        Inside LAN
ext      internet   External Zone
vpn      vpn        VPN Tunnels
INTERFACES:
#ZONE    INTERFACE  BROADCAST  OPTIONS
lan      br0        detect
ext      ppp0       detect     norfc1918
vpn      tap0       detect
vpn      tun0       detect
POLICIES:
#SOURCE  DEST   POLICY   LOG LEVEL
$FW      all    ACCEPT   debug
lan      all    ACCEPT   debug
ext      all    DROP     debug
vpn      all    ACCEPT   debug
RULES:
#ACTION        SOURCE   DEST   PROTO   DEST PORT(S)
ACCEPT:debug   all      $FW    udp     1195
ACCEPT         all      $FW    udp     5005
ACCEPT         all      $FW    udp     1194
Please let me know if I should provide more info.
Many thanks in advance.
Kind regards
Werner
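One check worth running against a bridged setup like the one above (an added example, not part of Werner's post): the script flags Shorewall interface entries that bind a zone to a bridge port rather than to the bridge itself. Netfilter attributes routed traffic from an enslaved port to the bridge device, so a zone bound to tap0 never matches while tap0 is a member of br0, and such traffic is classified by br0's zone instead. The interfaces table and bridge port list are constructed inline from the values in the post.

```shell
#!/bin/sh
# Added example: find Shorewall zone interfaces that are really bridge ports.
# Inputs are constructed inline so the script runs offline.

# Constructed /etc/shorewall/interfaces content: ZONE INTERFACE BROADCAST OPTIONS
SHOREWALL_INTERFACES='lan br0 detect
ext ppp0 detect norfc1918
vpn tap0 detect
vpn tun0 detect'

# Constructed bridge membership, one "bridge port" pair per line,
# as bridge-start above would produce it (br0 enslaves eth1 and tap0).
BRIDGE_PORTS='br0 eth1
br0 tap0'

# Prints one line per zone interface that is a bridge port, naming the
# bridge and the zone whose rules the traffic will actually hit.
check_bridged_zone_ifaces() {
    printf '%s\n' "$SHOREWALL_INTERFACES" | while read -r zone iface _rest; do
        # skip blank lines and comment lines
        case "$zone" in ''|\#*) continue ;; esac
        # is this interface a member port of some bridge?
        bridge=$(printf '%s\n' "$BRIDGE_PORTS" | awk -v p="$iface" '$2 == p { print $1; exit }')
        [ -n "$bridge" ] || continue
        # zone bound to the bridge device itself, if any
        bzone=$(printf '%s\n' "$SHOREWALL_INTERFACES" | awk -v b="$bridge" '$2 == b { print $1; exit }')
        printf '%s %s: port of %s, traffic will match zone %s\n' \
            "$zone" "$iface" "$bridge" "${bzone:-<none>}"
    done
    return 0
}

check_bridged_zone_ifaces
```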