From owner-freebsd-questions@FreeBSD.ORG Tue Jun 10 03:45:16 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C794F106564A for ; Tue, 10 Jun 2008 03:45:16 +0000 (UTC) (envelope-from andrewberry@sentex.net) Received: from moe.cs.uoguelph.ca (moe.cs.uoguelph.ca [131.104.94.198]) by mx1.freebsd.org (Postfix) with ESMTP id 6F1448FC17 for ; Tue, 10 Jun 2008 03:45:16 +0000 (UTC) (envelope-from andrewberry@sentex.net) Received: from robin.cs.uoguelph.ca (robin.cs.uoguelph.ca [131.104.93.49]) by moe.cs.uoguelph.ca (8.13.1/8.13.1) with ESMTP id m5A3jEsr015526 for ; Mon, 9 Jun 2008 23:45:15 -0400 Received: from blizzard.lan (p201xjl1ll.dsl2.sentex.ca [64.7.159.203]) (authenticated bits=0) by robin.cs.uoguelph.ca (8.13.4/8.13.4) with ESMTP id m5A3imch018386 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for ; Mon, 9 Jun 2008 23:45:13 -0400 Resent-Message-Id: <200806100345.m5A3imch018386@robin.cs.uoguelph.ca> Resent-To: freebsd-questions@freebsd.org From: Andrew Berry To: =?WINDOWS-1252?Q?Nejc_=8Akoberne?= In-Reply-To: <484D895A.4050300@skoberne.net> Resent-From: Andrew Berry References: <4AF0C677-6628-49A6-BDD8-F5620CBF05F1@sentex.net> <484D895A.4050300@skoberne.net> Message-Id: Content-Type: multipart/signed; boundary=Apple-Mail-786-686596122; micalg=sha1; protocol="application/pkcs7-signature" Resent-Date: Mon, 9 Jun 2008 23:45:13 -0400 Mime-Version: 1.0 (Apple Message framework v924) Date: Mon, 9 Jun 2008 23:44:48 -0400 X-Mailer: Apple Mail (2.924) X-Spam-Scanner: SpamAssassin 3.000004 (http://www.spamassassin.org/) on robin.cs.uoguelph.ca X-Spam-Score: hits=1.8 X-Spam-Level: * X-Spam-Tests: FORGED_RCVD_HELO, J_CHICKENPOX_23, J_CHICKENPOX_63, J_CHICKENPOX_82, SPF_PASS X-Spam-Status: Suspected X-Scanned-By: MIMEDefang 2.63 on 131.104.94.198 X-Scanned-By: MIMEDefang 2.52 on 172.17.94.86 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: Openvpn on FreeBSD 7 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2008 03:45:16 -0000 --Apple-Mail-786-686596122 Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable On 9-Jun-08, at 3:49 PM, Nejc =8Akoberne wrote: > I do. I don't use bridging, though. Do you have a good reason to use =20= > it? I was using it because I could then assign my laptop the same IP =20 easily through my router (a separate device with DHCP) and also have =20 hostnames pushed through DHCP. But I imagine in my case I could do the =20= same thing with a tunnel. > Have you tried to tcpdump the interfaces? Yes, I did: 'tcpdump -i tun0'. Nothing shows up on the server, but on =20= the client (OS X) I can see the pings being sent. > How did you configure the bridge? Here is my current config: It's no longer doing bridging though. openvpn.conf: port 1194 proto tcp dev tun ca ca.crt cert server.crt dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 And on my client: tls-client dev tun ca ca.crt cert client1.crt key client1.key remote my-remote-host proto tcp-client port 1194 comp-lzo ping 15 ping-restart 45 ping-timer-rem persist-tun persist-key verb 3 I then ifconfig'ed the tun0 interface to be 10.8.0.2 =3D> 10.8.0.1. Thanks! --Andrew --Apple-Mail-786-686596122--