[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Fwd: Re: [Openvpn-users] Re: openvpn and ccd]

  • Subject: Re: [Fwd: Re: [Openvpn-users] Re: openvpn and ccd]
  • From: "BlaaT 0001" <blaat0001@xxxxxxxxx>
  • Date: Fri, 14 Apr 2006 15:23:14 +0200

Your config files look pretty much OK.

The IP of your OpenVPN server is right?

This should reflect in your config file.

> now i'm using tap to test
> my config file on server side (comments in french)
> ************************************************************************************************************************
> local <ip>            # ip publique du serveur
> port 1194
> proto udp
> dev tap                    # type interface = tap (layer2)

dev tap0 to avoid any conflicts with other TAP devices (if any exist)

> tun-mtu 1500
> mssfix                      # ?? link with tun-mtu ??
> persist-key
> persist-tun
> ca /etc/openvpn/tls/cacert.pem        # certificat de l'autorité de
> certification
> cert /etc/openvpn/tls/vpn.pierre.crt    # certificat du serveur
> key /etc/openvpn/tls/vpn.pierre.key    # clé privé du serveur
> dh /etc/openvpn/tls/dh1024.pem        # clé DH pour initialisation du tunnel
> server-bridge

This should state the IP of your OpenVPN server LAN IP (eth0/tap0
share the same IP

> ifconfig-pool-persist /etc/openvpn/jail/log/ipp.txt    # fichier
> contenant les attributions Common Name/IP
> client-to-client            # autorise les clients à se voir entre eux
> keepalive 10 120
> cipher BF-CBC                # chiffrement Blowfish
> comp-lzo                # compression des données => meilleures perfs
> max-clients 15
> user nobody
> group nogroup
> chroot /etc/openvpn/jail/log/
> status /etc/openvpn/jail/log/status_bridged.log
> log-append /etc/openvpn/jail/log/openvpn_bridged.log
> verb 4
> mute 10
> ********************************************************************************************************************************
> i found it on the web http://www.nbs-system.com/article/openvpn2_howto
> i don't know why when the server push the route-gw to the client i don't
> see it in the client route.
This is a snip for the man page:

Finally, set aside a IP range in the bridged subnet, denoted by
pool-start-IP and pool-end-IP, for OpenVPN to allocate to connecting

For example, server-bridge expands as follows:

mode server

push "route-gateway"

It shows that the "PUSH-REPLY" mentioned earlier in your log files is
correct with the supplied config file.

Change the server-bridge directive as mentioned above. Than you should
be able to ping the address.

How are you connecting to the OpenVPN server? Does it reside on the
same LAN? Is your client PC on the network as well? If
this is the case it's hard to see if traffic is really flowing over
the VPN link or just over your ordinary LAN connection.



This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
Openvpn-users mailing list