|
|
Vishal Abrol wrote: > What I want to do is to setup openVPN server at 'LOC-B' at my static IP > '61.XXX.XXX.XXX'. only IP allowed on 'LOC-A' server will be openVPN Server's > IP. Anybody who wants to connect to 'LOC-A' will have to connect to openVPN > server at 'LOC-B' and openVPN will provide them an internal IP address from > range configured through openVPN. Also once they are connected to openVPN, > they should be able to browse the internet. Use IP masquerading on your OpenVPN server (which makes more sense configured w/ tun rather than tap), such that all packets from VPN clients will have the source IP of the VPN server. > For now, I am testing with 2 XP machine. I installed & configured openVPN > server with bridging. Once I connect to openVPN server through client, I get > an IP > IP : 10.8.0.50 > Subnet: 255.255.255.0 > Gateway: 10.8.0.4 > DHCP: 10.8.0.0 > DNS server: 10.8.0.1 (pushed thru dhcp-options) > > After the connection, I am not able to browse the internet or connect to our > servers at 'LOC-A'. From the client machine, I am not even able to ping > 10.8.0.4 or 10.8.0.0 or 10.8.0.1. I disabled all the firewalls but still no > ping reply. First, make sure your bridge is working: Use ethereal, tcpdump or similar tools to determine whether packets sent in the tap adapter on one side of your VPN client make it out the other side; then, use the same tools to determine whether those packets make it onto the Ethernet interface you're attempting to bridge to. That said -- I still advise that you switch from bridging to routing with a masquerade rule, given your initial statement of requirements. ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |