
[Openvpn-users] Please help: How to "bridge" two tunnels?


  • Subject: [Openvpn-users] Please help: How to "bridge" two tunnels?
  • From: "Tibbs, Richard" <rwtibbs@xxxxxxxxxxx>
  • Date: Sun, 23 Jan 2005 11:15:57 -0500


Dear list, sorry for long post

I have the config below, with this arrangement:
winxp -- wlan --    Linuxfw1 -- Internet -- LinuxFw2 -- 192.168.10.0/24 
openvpn             openvpn                openvpn
2.0.15beta           1.6.0                   1.6.0
10.1.1.2      10.1.1.1  10.1.10.1         10.1.10.2
<     tunnel 1      >    <     tunnel 2         >  

The linuxfw's are Bering 1.2 from leaf.sourceforge.net.

The problem is to securely access from WinXP box on the wlan to the
192.168.10.0 subnet, say a machine 192.168.10.13.
Is it simply the case that openvpn must be installed on every machine in
192.168.10.0 with a direct tunnel to WinXP?

Or is there a way to "bridge" the two tunnels?

TIA
Rick.


Additional info:
From winxp, no problem to ping any of the tunnel endpoints.
ping 10.1.1.1
Pinging 10.1.1.1 with 32 bytes of data:
Reply from 10.1.1.1: bytes=32 time=10ms TTL=64
Reply from 10.1.1.1: bytes=32 time=3ms TTL=64
Reply from 10.1.1.1: bytes=32 time=3ms TTL=64
Reply from 10.1.1.1: bytes=32 time=97ms TTL=64

ping 10.1.10.1
Pinging 10.1.10.1 with 32 bytes of data:
Reply from 10.1.10.1: bytes=32 time=2ms TTL=64
Reply from 10.1.10.1: bytes=32 time=1ms TTL=64
Reply from 10.1.10.1: bytes=32 time=1ms TTL=64
Reply from 10.1.10.1: bytes=32 time=1ms TTL=64


ping 10.1.10.2
Pinging 10.1.10.2 with 32 bytes of data:
Reply from 10.1.10.2: bytes=32 time=91ms TTL=63
Reply from 10.1.10.2: bytes=32 time=91ms TTL=63
Reply from 10.1.10.2: bytes=32 time=90ms TTL=63
Reply from 10.1.10.2: bytes=32 time=90ms TTL=63


From linuxfw1, can ping OK to 192.168.10.0
firewall: -root-
# ping 192.168.10.13
PING 192.168.10.13 (192.168.10.13): 56 data bytes
64 bytes from 192.168.10.13: icmp_seq=0 ttl=63 time=90.6 ms
64 bytes from 192.168.10.13: icmp_seq=1 ttl=63 time=90.4 ms
64 bytes from 192.168.10.13: icmp_seq=2 ttl=63 time=87.3 ms
64 bytes from 192.168.10.13: icmp_seq=3 ttl=63 time=89.0 ms


But from winxp, with this route table, no success reaching 192.168.10.13
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.3       2
         10.1.1.0  255.255.255.252         10.1.1.2        10.1.1.2      30
         10.1.1.2  255.255.255.255        127.0.0.1       127.0.0.1      30
   10.255.255.255  255.255.255.255         10.1.1.2        10.1.1.2      30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.1.0    255.255.255.0      192.168.1.3     192.168.1.3       2
      192.168.1.3  255.255.255.255        127.0.0.1       127.0.0.1       2
    192.168.1.255  255.255.255.255      192.168.1.3     192.168.1.3       2
     192.168.10.0    255.255.255.0         10.1.1.1        10.1.1.2       1
        224.0.0.0        240.0.0.0         10.1.1.2        10.1.1.2      30
        224.0.0.0        240.0.0.0      192.168.1.3     192.168.1.3       2
  255.255.255.255  255.255.255.255         10.1.1.2        10.1.1.2       1
  255.255.255.255  255.255.255.255      192.168.1.3     192.168.1.3       1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None


Pinging 192.168.10.13 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.10.13:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

============ winxp openvpn conf ===========================

remote 192.168.1.254
port 5000
disable-occ
dev tun

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ifconfig 10.1.1.2 10.1.1.1
secret secret.txt


===================fw1 openvpn.confs=================== 
# To linuxfw2
# Use a dynamic tun device.
dev tun
disable-occ
port 50001
local 216.p.q.r
# Our remote peer (office subnet)
remote 137.x.y.z
ifconfig 10.1.10.1 10.1.10.2
route 192.168.10.0 255.255.255.0

secret static.key
# =========================================
#The tunnel to winxp
# Use a dynamic tun device.
dev tun
# For compatibility with 2.x openvpn clients/servers
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
disable-occ
local 192.168.1.254
float
ifconfig 10.1.1.1 10.1.1.2
secret static.key




