[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

RE: [Openvpn-users] OpenVPN nightmare

  • Subject: RE: [Openvpn-users] OpenVPN nightmare
  • From: "Marcus Human" <marcus@xxxxxxxxxxxxxxx>
  • Date: Mon, 15 Nov 2004 18:05:06 +0200

I am making good progress, do I have to use bridge mode on server and on
client. The client uses a dialup connection to ISP gets an DHCP address,
somehow I need to link this address to the 192.x.x.x private address. I
did set up a tap interface on the client side.

With the above settings I get some sort of connection but my server
openvpn reports first connected to peer and the network unreachable and
this is where it gets stuck.

Do I still need to setup vpn endpoint with a unique address like for server and for client or can I just use bridging?

Thanks for all the help so far


Well, I've finally had sucess doing this (suposing you want to do

Server side:
  a) Setup bridge by using the "start-bridge" script (check the sources 
of openvpn from where you compiled the openvpn binaries):
It basically creates an interface tap0, then creates the bridge br0 and 
puts tap0 and ethx "inside" it; ethx should be the private interface. 
(in your case eth1)
  b) generate a key for adding security to the connection:
  openvpn --genkey --secret generated.key
  c) Create a config file for the connection. Something as simple as
# ><><><>laptop.conf: server-side config for laptop ><><><><
port 5000
dev tap0
secret /etc/openvpn/generated.key
# ><><><><><><><><><><

(You may need/want to add extra things later, check the docs, openvpn 
manpage and howto's available)

   d) start openvpn. Use the init script available on the sources. I had

to change it a bit to work with debian sarge. I think you can also do
# openvpn /etc/openvpn/laptop.conf"

Client side:
  a) Install openvpn exe.
  b) copy "generated-key" from server to c:\program files\openvpn\config
  c) create a config file in c:\program files\openvpn\config
# ><><><>laptop.conf: client-side config for laptop ><><><><
dev tap
remote your.server.public.address 5000
ifconfig the.ip.you.want.inside.vpn
secret generated.key
ping 10
# ><><><><><><><><><><
  d) start the connection by executing inside a "cmd" window
" net start openvpnservice "
(to stop use " net stop openvpnservice " )

With this I was able to get things working in my test cenario.. as I 
said, you may need extra config like "mtu", "fragment" and stuff like 
that... read the docs, try stuff.. may someone else can enlighten you if

you keep having problems.

Good luck
Joao Clemente

Marcus Human wrote:
> I tried almost everything and are very confused on the setup of
> I try to connect a XP machine to a Linux machine running OpenVPN. The
> machine is the server and has two NIC's eth0 on internet side and eth1
> private LAN side. The Internet address is 196.xx.xx.xxx and the
> address is 192.168.x.x. The remote client an XP machine needs to
connect to 
> the private LAN via the VPN. It has a static IP of 192.168.x.x when it
is in 
> the office but remotely it will get assigned a dynamic IP by the ISP
> dialup. My aim is to connect the remote XP laptop via the internet to
> office private LAN via the VPN. Can anyone please give me a short
> what I need to do to establish this connection.

Openvpn-users mailing list