Hi, Dave,

In my humble opinion, the easiest way to set up bridging is to ignore the instructions listed on the shorewall page you linked to, and do everything just as the HOWTO on openvpn.sourceforge.net describes it instead. Bridge your tap0 adapter to eth1 (or whatever your local area network adapter is) as the new bridge device "br0". Then, for all intents and purposes, you can go into your /etc/shorewall/interfaces file and change it from this (or something close to it):

    #Zone   Interface   Broadcasts   Options
    net     eth0        detect       -
    loc     eth1        detect       -

To this:

    #Zone   Interface   Broadcasts   Options
    net     eth0        detect       -
    loc     br0         detect       -

That should really be about it. All your old shorewall rules and policies which applied to "loc" will now pertain to the br0 interface instead of eth1, just like you want (or at least, just like I **think** you want. Maybe I'm mistaken).

Do this on both sides of your tunnel, and make sure to change your DHCP server (if you are running one) to hand out DHCP on device br0 instead of on eth1.

If you use bridging in this manner, you should have no problems passing broadcast traffic between your two networks. Also keep in mind that if implemented this way, you will only need 1 DHCP server - it will work just fine through the tunnel. In fact, running two might cause you some problems.

Just to make sure the bridge is created properly before shorewall starts, I wrote a simple shell script to set up the bridge, and called that shell script from /etc/shorewall/init, which runs automatically at the very beginning of a "shorewall start" command.

Good luck!

Dave

----- Original Message -----
From: "Dave B" <dragin33@xxxxxxxxxxx>
To: <openvpn-users@xxxxxxxxxxxxxxxxxxxxx>
Sent: Thursday, August 28, 2003 10:50 PM
Subject: [Openvpn-users] Routing Vs Bridged? Setup?

> Hi. I have two linux systems being used as a router/gateway for two
> separate LANs on the internet. I wanted to use these boxes to create a VPN
> between the networks as well so I looked up openvpn because it supported
> bridging.. more importantly broadcast packets for gaming. I use shorewall
> on both systems and shorewall's website has a guide to setting up a bridged
> openvpn here: http://www.shorewall.net/OPENVPN.html I read through the
> HOWTO on openvpn.sourceforge.net and also the bridge mini-howto. To be
> honest I find the steps in the mini-howto hard to re-apply to my network.
> It seems like some of the things he's doing.. if some of those things in
> shorewall then I would bring my LAN's connection down. I was wondering how
> the "bridging" configuration on shorewall's website and the "bridging"
> configuration on openvpn's differ? Is there anyone that has got bridging to
> work with shorewall (and with all the goodies like broadcast, NetBEUI, and
> ipx/spx?)
>
> Thanks!

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
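
Added example (not part of the original message, and not taken from the OpenVPN or Shorewall documentation): one way to write the bridge script the reply describes calling from /etc/shorewall/init, made safe to run repeatedly and able to print its plan before touching a live gateway. It uses current iproute2 commands rather than the tools of the 2003 HOWTO; the LAN address, the SYSFS and DRY_RUN variables and the function names are assumptions for this example.

```shell
#!/bin/sh
# Added example, not from the thread: idempotent bridge setup meant to be
# called from /etc/shorewall/init. br0/eth1/tap0 come from the message; the
# address and the SYSFS/DRY_RUN knobs are assumptions made for this example.
BR=${BR:-br0}
LAN_IF=${LAN_IF:-eth1}
TAP=${TAP:-tap0}
BR_ADDR=${BR_ADDR:-192.168.1.1/24}     # constructed LAN address for br0
SYSFS=${SYSFS:-/sys/class/net}         # overridable so the logic can be tested
DRY_RUN=${DRY_RUN:-1}                  # 1 = print the plan, 0 = execute it

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

have_if()   { [ -d "$SYSFS/$1" ]; }            # interface exists
in_bridge() { [ -d "$SYSFS/$1/brif/$2" ]; }    # $2 is already a port of $1

setup_bridge() {
    # Create only what is missing, so a later shorewall start can call this again.
    have_if "$TAP" || run ip tuntap add dev "$TAP" mode tap || return 1
    have_if "$BR"  || run ip link add name "$BR" type bridge || return 1
    for port in "$LAN_IF" "$TAP"; do
        in_bridge "$BR" "$port" && continue
        run ip addr flush dev "$port"           # the LAN address moves to the bridge
        run ip link set dev "$port" master "$BR" || return 1
        run ip link set dev "$port" up || return 1
    done
    # "replace" succeeds on a second run where "add" would fail.
    run ip addr replace "$BR_ADDR" dev "$BR" || return 1
    run ip link set dev "$BR" up
}
```

Review the dry-run output first, then source the file from /etc/shorewall/init and call setup_bridge with DRY_RUN=0; a non-zero return means the bridge that "loc" now refers to was not fully built.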