[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] OpenVPN and partial windows network browsing

  • Subject: Re: [Openvpn-users] OpenVPN and partial windows network browsing
  • From: Charles Duffy <cduffy@xxxxxxxxxxx>
  • Date: Wed, 04 Oct 2006 07:42:53 -0500

OverTech Argentina wrote:
> But with this bridging mode a little problem appear: both WRT54GL works 
> as DHCP for the clients physically connected, but after the VPN bridge 
> is running what a client connected to anyone of the WRT54GL sees it's a 
> subnet with two DHCP, so sometimes happened that clients behind office 
> WRT54GL got IP information from the home WRT54GL and vice-versa.

One way to solve this is using ebtables to block DHCP/BOOTP traffic from 
traversing the bridge. ebtables is included in OpenWRT, and Google finds 
some hints on using it for your present purpose.

> I installed a WINS server at Windows 2003 Server primary domain 
> controller located at the office, and I discovered that my home computer 
> connected to my home WRT54GL, registers its name and IP in the WINS 
> server correctly, but then when I go to My Network Places in my home 
> Windows  XP computer I only see the home computer and not all the 
> computers at the office.

Is the WINS server being used by the clients on both ends? Typically, 
the access method and address for a WINS server should be set by DHCP -- 
especially if it's on a different subnet. You should be able to use 
ipconfig on Windows to see which WINS servers, if any, are presently 
configured; if your WINS server isn't shown, you need to configure your 
DHCP service to provide its address (and, on the remote side, specify 
that it should be accessed via unicast traffic). This is similar to what 
OpenVPN's built-in mini-DHCP-server does with a Windows client when 
"dhcp-option WINS" and "dhcp-option NBT 8" are set.

I believe the same settings can be entered manually via the TCP/IP 
properties pane associated with the relevant adapter on Windows, though 
this is obviously only a reasonable course of action on a very small 

OpenVPN mailing lists