
[Openvpn-users] Routing problems with bridged VPN


  • Subject: [Openvpn-users] Routing problems with bridged VPN
  • From: "Avi Shevin" <avi@xxxxxxxxxxx>
  • Date: Sun, 18 Nov 2007 16:18:31 -0500 (EST)
  • Importance: Normal

Hello all!

I have the following problem:

I have a Linux server that I use as a gateway from my home LAN to the
'net.  The internal NIC is eth1, serving a 10.0.0.0 network.  I have an
ADSL connection that sits over eth0, and I use iptables for NAT.  I have
installed openvpn on this box, and I would like to bridge the internal
network (eth1) with the VPN clients.  The bridge appears to be set up
correctly (br0 has an ip address of 10.0.0.1, and everything except the
vpn still works correctly.)  I have a Vista laptop that I'm using as a
test client.  It's connected to a public wireless network, so it's not
sitting on my home LAN at the moment.  I want to bridge it with my home
network (10.0.0.0), but it doesn't work correctly.  It connects just fine
without any warnings or errors, but routing is completely broken.


openvpn config (server)
-----------------------
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
client-to-client
comp-lzo
dev tap
dh /etc/openvpn/keys/dh1024.pem
group nogroup
ifconfig-pool-persist ipp.txt
keepalive 10 120
local 75.42.96.214
persist-key
persist-tun
port 1196
proto udp
server-bridge 10.0.0.1 255.255.255.0 10.0.0.201 10.0.0.224
status openvpn-status.log
user nobody
verb 3

routing table (server)
----------------------
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
adsl-75-42-97-2 *               255.255.255.255 UH    0      0        0 ppp0
10.0.0.0        *               255.255.255.0   U     0      0        0 br0
default         *               0.0.0.0         U     0      0        0 ppp0


openvpn config (client)
-----------------------
client
dev tap
proto udp
remote <my server> 1196
resolv-retry infinite
nobind
persist-key
persist-tun
ca "c:\\program files\\openvpn\\keys\\ca.crt"
cert "c:\\program files\\openvpn\\keys\\vista.crt"
key "c:\\program files\\openvpn\\keys\\vista.key"
comp-lzo
verb 3

routing table (client)
----------------------
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     64.250.128.1   64.250.157.167     25
         10.0.0.0    255.255.255.0         On-link        10.0.0.201    286
       10.0.0.201  255.255.255.255         On-link        10.0.0.201    286
       10.0.0.255  255.255.255.255         On-link        10.0.0.201    286
     64.250.128.0    255.255.224.0         On-link    64.250.157.167    281
   64.250.157.167  255.255.255.255         On-link    64.250.157.167    281
   64.250.159.255  255.255.255.255         On-link    64.250.157.167    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    64.250.157.167    281
        224.0.0.0        240.0.0.0         On-link        10.0.0.201    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    64.250.157.167    281
  255.255.255.255  255.255.255.255         On-link        10.0.0.201    286
===========================================================================
Persistent Routes:
  None


ping results (client to server)
-------------------------------
C:\Users\Avi>ping 10.0.0.1

Pinging 10.0.0.1 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.0.0.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


ping results (server to client)
-------------------------------
home:/etc/openvpn# ping -c 4 10.0.0.201
PING 10.0.0.201 (10.0.0.201) 56(84) bytes of data.
From 10.0.0.1 icmp_seq=1 Destination Host Unreachable
From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
From 10.0.0.1 icmp_seq=3 Destination Host Unreachable
From 10.0.0.1 icmp_seq=4 Destination Host Unreachable

--- 10.0.0.201 ping statistics ---
4 packets transmitted, 0 received, +4 errors, 100% packet loss, time 3008ms, pipe 3


-- 
- Avi Shevin
- avi@xxxxxxxxxxx


