From owner-freebsd-questions@FreeBSD.ORG Wed May 4 15:19:13 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D7F9B106564A for ; Wed, 4 May 2011 15:19:13 +0000 (UTC) (envelope-from kraduk@gmail.com) Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com [74.125.82.50]) by mx1.freebsd.org (Postfix) with ESMTP id 625CD8FC15 for ; Wed, 4 May 2011 15:19:12 +0000 (UTC) Received: by wwc33 with SMTP id 33so1268378wwc.31 for ; Wed, 04 May 2011 08:19:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=VvMzkitsD9iTPQMWaVeSuJWhF4Rx0oP6j0yb+XWDi0g=; b=HnhvJXf7MMki0hDKv5NLfwVRKAUd0BTQRR2qoPCIXwjbVnGrJyQuOD9nM8mm4DCglA DtWKRQkbTa+R33ULl0Qf9qXEu81lU622YOr+uq1Xz3mgJsO6+cNN+qDY+G1sZYejYVRl 2DWM5p87AuV6eMDZ187G76KROCpcNi8bnAFzk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=Jlnjoscc1/RFGYDr74NSdsR7+aGC+rh/W8i6aII+H3nfbFGSAOtQz8Yom0mfc0a3EE lw7rKrNCDIXqpJ5398AaRdRrGdU0ZwPr6tQnTpUXsFw8p0bUb+B1xDlWtciIOdfx+QO5 9F+7qF96z9v6LbO0qnebhJfhx0ZQYwPt/N5YQ= MIME-Version: 1.0 Received: by 10.216.16.32 with SMTP id g32mr4979778weg.0.1304522350539; Wed, 04 May 2011 08:19:10 -0700 (PDT) Received: by 10.216.15.73 with HTTP; Wed, 4 May 2011 08:19:10 -0700 (PDT) In-Reply-To: References: <201105040519.56695.geoff@apro.com.au> Date: Wed, 4 May 2011 16:19:10 +0100 Message-ID: From: krad To: Kevin Wilcox Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Free BSD Questions list , geoff@apro.com.au Subject: Re: Can I bridge the same subnet across a VPN? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 May 2011 15:19:13 -0000 On 3 May 2011 20:44, Kevin Wilcox wrote: > On Tue, May 3, 2011 at 15:19, Geoff Roberts wrote: > > > Is it possible to join two sites with the same subnet across a VPN? > > Yes. > > > I have two sites that have the same subnet/mask. > > > > I need these two separated networks to behave as one across a VPN. > > That's understandable. You may want to consider breaking the /24 into > two /25s, one at each site, and routing the connection instead but > that's not necessary and you can indeed use a bridge with few issues. > > > Happy to use either IPSec or OpenVPN to actually encrypt the traffic. > > We've done it as a demo of what you can do with OpenVPN, it's trivial > once you get some configuration issues straight in your head (or > that's how it worked for me). > > To bridge in OpenVPN, take a look at: > > > http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html > > kmw > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" > you can do this with a combination of openvpn (using tap, not tun) and if_bridge both ends. However I have found it to be flakey and not really worth the effort. Better to go with a routed solution.