[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Public IP in a bridged config???

  • Subject: Re: [Openvpn-users] Public IP in a bridged config???
  • From: John Locke <mail@xxxxxxxxxxxx>
  • Date: Mon, 22 Mar 2004 00:33:04 -0800

On Sun, 2004-03-21 at 20:52, Sttf wrote:
> WHERE do you specify your public IP when you do a bridge config?????
> In the next script, avaliable in the mini-bridging howto, is not
> shown!!
That's because it's set up outside of OpenVPN. 

> Is it suposed that when you do the addbr/addif, the ETH0 public
> address must be already set??

If eth1 is the NIC attached directly to your LAN, then yes, eth0 can be
a NIC connected to the Internet, using a public IP address.

>     #!/bin/bash
>     modprobe tun
>     modprobe bridge
>     openvpn --mktun --dev tap0
>     openvpn --mktun --dev tap1
>     brctl addbr br0
>     brctl addif br0 eth1
>     brctl addif br0 tap0
>     brctl addif br0 tap1
>     ifconfig tap0 promisc up
>     ifconfig tap1 promisc up
>     ifconfig eth1 promisc up
>     ifconfig br0 netmask broadcast
>     # end of script
> Guys, this is very, very, very very very very confusing for me. I really dont know if anybody else have
> encountered this great mess while deploying a simple home-vpn like i wish, but im really headached with all this.
> Thanks in advance.

This looks correct to me, as long as eth1 is the NIC attached to your
LAN. When you're bridging, the bridge connects all your tap devices to
the LAN interface. The bridge itself is the only thing that gets an IP
address, in this case.

If this box is behind a firewall and doesn't have a public IP address,
then it's most likely eth0 you want to bridge, instead of eth1. You
probably want to do this while you're sitting at the box (not connected
through SSH). Take it from someone who knows...

John Locke
Open Source solutions for small business problems

Openvpn-users mailing list