[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] [noob] OpenVpn bridging mode configuration


  • Subject: [Openvpn-users] [noob] OpenVpn bridging mode configuration
  • From: bellefqih med <b_52globemaster@xxxxxxxx>
  • Date: Sun, 29 Jul 2007 19:02:03 +0200 (CEST)

Hi ,

i have just installed  openvpn , i got a scenario when i have small LAN , we application servers in it  (oracle,apache...) , and i want people to connect to the lan and browse the lan ressource .


there is  my server conf :

proto udp
port 1194
dev tap0
keepalive 10 120
comp-lzo
user nobody
group nogroup
server-bridge 192.168.1.201 255.255.255.0 192.168.1.220 192.168.1.230
ifconfig-pool-persist /etc/openvpn/ipp.txt
push "dhcp-option DNS 192.168.1.1"
push "dhcp-option WINS 192.168.1.1"
push "route 192.168.1.0 255.255.255.0"
client-config-dir    /etc/openvpn/clients
persist-key
persist-tun
ca         /etc/openvpn/keys/ca.crt
cert       /etc/openvpn/keys/globeVPN.crt
key        /etc/openvpn/keys/globeVPN.key
dh         /etc/openvpn/keys/dh1024.pem
log-append /etc/openvpn/openvpn.log
client-to-client
verb 6

and the client:

proto udp
dev tap0
remote server 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ns-cert-type server
comp-lzo
tls-client
verb 9
user nobody
group nogroup
ca   ca.crt
cert Client01.crt
key  Client01.key
log-append client.log



NB , i got a small lan : 192.168.1.0 , with a routeur(192.168.1.1) that got a dns/dhcp ...



and i am using bridge-start/stop script
#!/bin/bash
br="br0"
tap="tap0"eth="eth0"
eth_ip="192.168.1.201"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.1.255"
for t in $tap; do
    openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
    brctl addif $br $t
done
for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast



and bridge-stop:
#!/bin/bash
br="br0"
tap="tap0"
ifconfig $br down
brctl delbr $br
for t in $tap; do
    openvpn --rmtun --dev $t
done


, when i start the bridge-start script , my network crash and i must restart the machine , i'm sure i have missed something somewhere , but i need a help to find what :d

AND THANKS A LOT


Ne gardez plus qu'une seule adresse mail ! Copiez vos mails vers Yahoo! Mail