[Openvpn-users] Bizzar problems with bridging Openvpn

["Christopher David Chapman" <c.d.chapman@xxxxxxxxxxxxx>]

Hi,
 
I am trying to set up a simple bridgeing vpn. The problem I seem to be having is that being a University blessed with a class B subnet all of our internal addresses are public addresses not private addresses. This seem to be causing problems with openvpn. When the client connects I get the message;
 
NOTE: --user option is not implemented on Windows
Thu May 04 19:03:29 2006 NOTE: --group option is not implemented on Windows
Thu May 04 19:03:29 2006 OpenVPN 2.0.7 Win32-MinGW [SSL] [LZO] built on Apr 12 2006
Thu May 04 19:03:29 2006 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Thu May 04 19:03:31 2006 LZO compression initialized
Thu May 04 19:03:31 2006 Attempting to establish TCP connection with 134.225.222.254:1723
Thu May 04 19:03:31 2006 TCP connection established with 134.225.222.254:1723
Thu May 04 19:03:31 2006 TCPv4_CLIENT link local: [undef]
Thu May 04 19:03:31 2006 TCPv4_CLIENT link remote: 134.225.222.254:1723
Thu May 04 19:03:33 2006 [sse-vpn] Peer Connection Initiated with 134.225.222.254:1723
Thu May 04 19:03:34 2006 WARNING: --remote address [134.225.222.254] conflicts with --ifconfig subnet [134.225.222.110, 255.255.255.0] -- local and remote addresses cannot be inside of the --ifconfig subnet. (silence this warning with --ifconfig-nowarn)
Thu May 04 19:03:34 2006 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{60CAB257-4DD5-4F31-8EA4-6E99C63D3690}.tap
Thu May 04 19:03:34 2006 Notified TAP-Win32 driver to set a DHCP IP/netmask of 134.225.222.110/255.255.255.0 on interface {60CAB257-4DD5-4F31-8EA4-6E99C63D3690} [DHCP-serv: 134.225.222.0, lease-time: 31536000]
Thu May 04 19:03:34 2006 Successful ARP Flush on interface [131074] {60CAB257-4DD5-4F31-8EA4-6E99C63D3690}
Thu May 04 19:04:04 2006 Initialization Sequence Completed With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )
 
After this the client stops talkig to the server and I get a load of 
 
Thu May 04 19:07:10 2006 TCP: connect to 134.225.222.254:1723 failed, will try again in 5 seconds
 
Error messages. I think this is because it is trying to route to the server through the tunnel intead of via the default gateway but Im not sure. Any Ideas?
 
Cheers
   Chris
 
Server config
 
local 134.225.222.254
port 1723
proto tcp
dev tap0
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/sse-vpn.crt
key /etc/openvpn/easy-rsa/keys/sse-vpn.key  # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
#this will assign connecting clients address between the range of 100 and 150
server-bridge 134.225.222.254 255.255.255.0 134.225.222.110 134.225.222.115
#this will allow for people to get the same IP address after a reconnect
ifconfig-pool-persist /etc/openvpn/ipp.txt
#push "route 134.225.0.0 255.255.0.0"
#change this to your companies DNS server or omit it entirely
#push "dhcp-option DNS 134.225.32.11"
keepalive 10 120
comp-lzo
max-clients 10
user nobody
persist-key
persist-tun
status /tmp/openvpn-status.log
log-append  /var/log/openvpn.log
verb 6

 
Client config
 
client
dev tap
proto tcp
remote 134.225.222.254 1723
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
comp-lzo
ns-cert-type server
user nobody
group nogroup
ca ca.crt
cert chris.crt
key chris.key
 


-------------------------------------------------------
Get stuff done quickly with pre-integrated technology to make your job easier
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users