[Openvpn-users] One of THOSE people -- Win/Lin bridge problems


  • From: "Robert Brewer" <fumanchu@xxxxxxxx>
  • Date: Wed, 1 Oct 2003 15:21:59 -0700

I'm not having complete success creating a bridged VPN. I'm not a
networking guru. I am good at reading docs (hey, I got this far), so if
someone here can just point me in the right direction, I'd appreciate
it. Here's the basic setup:

client: Win2k laptop, running a TAP with IP 192.168.0.244

server: Debian Woody server with 2.4.18 kernel, with iptables, tunneling
and bridging support built in (not as modules), running a bridge br0
with IP 192.168.0.251. I installed OpenVPN (1.4.1.4-1), bridge-utils,
etc. via apt-get, if that makes any difference.

The script I use to create the bridge will probably explain the setup on
the server side best:

channel:/etc/openvpn# cat opentuns.sh
#!/bin/bash

openvpn --mktun --dev tap0

brctl addbr br0
brctl addif br0 eth1
brctl addif br0 tap0

ifconfig tap0 0.0.0.0 promisc up
ifconfig eth1 0.0.0.0 promisc up

ifconfig br0 192.168.0.251 netmask 255.255.255.0 broadcast 192.168.0.255

# end of script



AFAICT, the bridge works (I just connected from my LAN via SSH on
192.168.0.251 when I grabbed this script to paste). I don't receive any
error messages at any time. When I run OpenVPN on both sides, they both
appear to be working fine (they don't exit unexpectedly at least). AND,
if I ping the server from the client (over the VPN), I can run "tcpdump
-i eth0 udp port 5000" on the server and see the activity. If I ping
some other address across the VPN from the client, same thing. But the
pings time out every time; similar conversations over TCP (e.g. port 80)
have the same issues. There's no firewall or anything between the two
machines at this point: they're on the same subnet physically.

Here's the server-side VPN config:

channel:/etc/openvpn# cat bridge.conf
# OpenVPN bridge config

dev tap
secret static.key

persist-key
persist-tun
ping-timer-rem
ping-restart 60
ping 10

comp-lzo

user nobody
group nobody

verb 5

# end of config



For good measure, here's the client-side (Win2k) OpenVPN config:
# OpenVPN bridge config, client side

remote 172.16.0.16

dev tap
dev-node my-tap
# ifconfig 192.168.0.244 255.255.255.0

secret static.key
ping 10
comp-lzo
verb 5
# mute 10



On a lark, I decided to just include everything I could, and found what
might be a traceable symptom in ifconfig:

channel:/etc/openvpn# ifconfig
br0       Link encap:Ethernet  HWaddr 00:A0:CC:39:88:DC
          inet addr:192.168.0.251  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4600 errors:0 dropped:0 overruns:0 frame:0
          TX packets:381 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:289864 (283.0 KiB)  TX bytes:37900 (37.0 KiB)

eth0      Link encap:Ethernet  HWaddr 00:00:C0:75:33:E7
          inet addr:172.16.0.16  Bcast:172.16.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:619 errors:0 dropped:0 overruns:0 frame:0
          TX packets:176 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:94646 (92.4 KiB)  TX bytes:32530 (31.7 KiB)
          Interrupt:3 Base address:0xdc00

eth1      Link encap:Ethernet  HWaddr 00:A0:CC:39:88:DC
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:4698 errors:1 dropped:0 overruns:0 frame:0
          TX packets:381 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:363292 (354.7 KiB)  TX bytes:37900 (37.0 KiB)
          Interrupt:9 Base address:0xd800

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:560 (560.0 b)  TX bytes:560 (560.0 b)

tap0      Link encap:Ethernet  HWaddr 00:FF:6D:32:5C:A6
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:4315 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)


Looks like tap0 dropped every packet. Any ideas? This is about my last
chance to get an open-source VPN solution in place, before we just bite
the bullet and buy something off the shelf. *gulp*

I'd be happy to answer any questions or include more data if anyone
would like.



Robert Brewer
MIS
Amor Ministries
fumanchu@xxxxxxxx
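
Added example, not part of the original message: a check for the counter pattern the message ends on (tap0 showing TX packets 0 with thousands dropped), which on Linux is what a tap device reports when frames are sent to it while no process has it open. The function names `sample_ifconfig` and `find_blackholed_ifaces` are hypothetical, and the sample input is constructed by trimming the stanzas quoted above.

```shell
#!/bin/sh
# Flag interfaces in classic net-tools `ifconfig` output whose TX counters
# show drops but no successfully transmitted packets.

# Constructed sample: br0 and tap0 stanzas trimmed from the message above.
sample_ifconfig() {
cat <<'EOF'
br0       Link encap:Ethernet  HWaddr 00:A0:CC:39:88:DC
          RX packets:4600 errors:0 dropped:0 overruns:0 frame:0
          TX packets:381 errors:0 dropped:0 overruns:0 carrier:0

tap0      Link encap:Ethernet  HWaddr 00:FF:6D:32:5C:A6
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:4315 overruns:0 carrier:0
EOF
}

# Reads ifconfig output on stdin and prints one line per suspect interface:
#   <iface> tx_packets=N tx_dropped=M
find_blackholed_ifaces() {
    awk '
        # A stanza header is a non-empty line that starts in column 1.
        NF > 0 && substr($0, 1, 1) != " " && substr($0, 1, 1) != "\t" {
            iface = $1
        }
        # Only the "TX packets:..." counter line, not "RX bytes ... TX bytes".
        $1 == "TX" && $2 ~ /^packets:/ {
            pk = 0; dr = 0
            for (i = 2; i <= NF; i++) {
                split($i, kv, ":")
                if (kv[1] == "packets") pk = kv[2] + 0
                if (kv[1] == "dropped") dr = kv[2] + 0
            }
            if (dr > 0 && pk == 0)
                printf "%s tx_packets=%d tx_dropped=%d\n", iface, pk, dr
        }
    '
}

# Stand-alone run over the constructed sample.
sample_ifconfig | find_blackholed_ifaces
```

On a live host the same function can be fed with `ifconfig -a | find_blackholed_ifaces`, provided ifconfig prints the older `TX packets:N ... dropped:M` layout shown in the message.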
