In message <8E635901-0D1B-4336-A8D4-0F81318F8F16@...>, Tobias
Sargeant <toby@...> wrote:
> On 18/07/2006, at 12:54 AM, Charles Duffy wrote:
>> I'm unfamiliar with the problem you're referring to, but one common
>> gotcha with bridging: If you want the system running the bridge to be
>> active on the network, you need to assign that system's IP to the
>> itself, and not to any of the interfaces making up that bridge.
> Yes, this was exactly my problem.
The other trap is routing the OpenVPN traffic via OpenVPN.
> I'm sure this is a pretty basic question, and if it's written up
> I'm more than happy to just go and read that.
> The situation as it stands is like this:
> openvpn1 router router openvpn2
> 192.168.99.250 --+ 192.168.99.220 --- 192.168.0.1 +-- 192.168.0.2
> | |
> 192.168.99.x ----' `-- 192.168.99.y
> As I currently understand it, in order to have openvpn2 exist on the
> network, it will need a 192.168.99 address, but I don't understand
> how it
> can then correctly pass openvpn traffic to the router.
Are you trying to bridge 2 LANs here? And their is no NAT between them?
If openvpn2 runs Linux you may be able use a routing policy to explicitly
route OpenVPN traffic.
However the simplelest solution is to either put a NAT between the
endpoints, or give the endpoints IP addresses which are on a subnet the
other endpoint is not, and use those for OpenVPN traffic.
You may give the hosts running OpenVPN additional IP addresses as well.
> Thanks a lot,
Member AFFS, WYLUG, SWP (UK), UAF, RESPECT, StWC
OpenPGP key fingerprint: D0A6 F403 9745 CED4 6B3B 94CC 8D74 8FC9 9F7F CFE4
No to software patents! Victory to the iraqi resistance!