Date:      Tue, 26 Apr 2011 08:07:32 +0200
From:      Maciej Milewski <milu@dat.pl>
To:        Ryan Coleman <editor@d3photography.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: OpenVPN routing
Message-ID:  <201104260807.32541.milu@dat.pl>
In-Reply-To: <5677ADC4-3BE8-46C0-8C19-C893276B79FE@d3photography.com>
References:  <6073BC9F-553D-41E2-AE42-341B61850EA7@cwis.biz> <5677ADC4-3BE8-46C0-8C19-C893276B79FE@d3photography.com>

On Tuesday 26 of April 2011 04:38:29, Ryan Coleman wrote:
> Also:
> [root@nbserver1 /usr/home/ryanc]# ifconfig
> em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
> mtu 1500 options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>         ether 00:14:22:15:dc:65
>         inet 192.168.46.2 netmask 0xffffff00 broadcast 192.168.46.255
>         media: Ethernet autoselect (1000baseT <full-duplex>)
>         status: active
> tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
> mtu 1500 options=80000<LINKSTATE>
>         ether 00:bd:7e:86:1d:00
>         inet 192.168.47.1 netmask 0xffffff00 broadcast 192.168.47.255
>         Opened by PID 10341
> bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
> 1500 ether 46:e1:75:c6:a3:a7
>         inet 192.168.47.254 netmask 0xffffff00 broadcast 192.168.47.255
>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
>         maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>         member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 5 priority 128 path cost 2000000
>         member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 1 priority 128 path cost 20000
>
> On Apr 25, 2011, at 9:36 PM, Ryan Coleman wrote:
> > I've got an OpenVPN connection working to my remote server, but I want to
> > route the traffic to the local LAN.
> >
> > I have a bridge set up, pingable... but can't ping the em1 (192.168.46.2)
> > from the remote machine.
> >
> > Server.conf:
...
> > server 192.168.47.0 255.255.255.0
From the man openvpn(8):
              Don't  use --server if you are ethernet bridging.  Use
              --server-bridge instead.
And additionally bridging means that you have to divide your local
subnet (192.168.46.0/24) into two parts. Please have a look at the example at
[1].

You may not even need bridging if you want to use two subnets of /24. Have you
tried with the standard setup (server) and configuring your default gateway (I
suspect 192.168.46.1) with the routing information about the openvpn subnet
192.168.47.0/24?


[1] http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html

Maciej Milewski
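
An added example, not part of the original message: a small Python check of the addressing directives for the two setups discussed above (bridged with `server-bridge`, or routed with `server` on a separate /24). The function names, the `dev` lines and the .128-.254 client pool are assumptions for illustration; only the four-argument form of `server-bridge` is handled.

```python
import ipaddress

def parse_conf(text):
    """Return {directive: [args]} for the directives this check uses."""
    conf = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if parts and parts[0] in ("dev", "server", "server-bridge"):
            conf[parts[0]] = parts[1:]
    return conf

def check(conf_text, lan_cidr, bridged):
    """List problems with the addressing directives for the given LAN."""
    lan = ipaddress.ip_network(lan_cidr)
    conf, problems = parse_conf(conf_text), []
    if bridged and "server" in conf:
        problems.append("bridged setup uses 'server'; openvpn(8) says use 'server-bridge'")
    if bridged and not (conf.get("dev") or [""])[0].startswith("tap"):
        problems.append("bridging needs a tap device")
    if len(conf.get("server-bridge", [])) == 4:
        gw, mask, start, end = conf["server-bridge"]
        gw, start, end = (ipaddress.ip_address(a) for a in (gw, start, end))
        if ipaddress.ip_network(f"{gw}/{mask}", strict=False) != lan:
            problems.append("server-bridge gateway/netmask is not the LAN subnet")
        if not (start in lan and end in lan and start <= end):
            problems.append("client pool is not a range inside the LAN subnet")
        if start <= gw <= end:
            problems.append("client pool contains the bridge address")
    if not bridged and "server" in conf:
        net, mask = conf["server"]
        if ipaddress.ip_network(f"{net}/{mask}").overlaps(lan):
            problems.append("routed VPN subnet overlaps the LAN")
    return problems

# Constructed samples using the addresses from the thread.
# POSTED: the one directive quoted from Server.conf plus an assumed "dev tap0".
POSTED = "dev tap0\nserver 192.168.47.0 255.255.255.0\n"
# Assumed split: LAN hosts keep .1-.127, VPN clients get .128-.254.
BRIDGED = ("dev tap0\n"
           "server-bridge 192.168.46.2 255.255.255.0 192.168.46.128 192.168.46.254\n")
ROUTED = "dev tun0\nserver 192.168.47.0 255.255.255.0\n"

if __name__ == "__main__":
    cases = (("posted", POSTED, True), ("bridged", BRIDGED, True),
             ("routed", ROUTED, False))
    for name, text, bridged in cases:
        print(name, check(text, "192.168.46.0/24", bridged) or "ok")
```

In the routed case the LAN's default gateway still needs a route to 192.168.47.0/24 via the OpenVPN server's LAN address, which this check cannot see from the config alone.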


