Menu
▾
▴
Re: [Openvpn-users] [noob] OpenVpn bridging mode configuration
|
From: Dave <de...@zi...> - 2007-07-29 17:51:26
|
>... >i have just installed openvpn , i got a scenario when i have small LAN = , we application servers in it >(oracle,apache...) , and i want people to connect to the lan and browse the lan ressource . >=20 >... > , when i start the bridge-start script , my network crash and i must restart the machine , i'm sure i have missed something somewhere , but i need a help to find what :d=20 >...=20 When you say 'crash' do you really mean crash, or just that networking = stop working abruptly? I personally have had to add the default gateway back = to the interface after doing all the bridge-start stuff. I'm assuming the default gateway in your scenario is 192.168.1.1. You = would add something like this at the end of your bridge-start script: route add default gw 192.168.1.1 And something like this at the end of the bridge-stop ifconfig eth0 192.168.1.201 up I say 'something like' because the syntax of the 'route' command depends = on the OS, but you're probably using Linux and that one shown will probably work. Double check the IPs I used because I'm guessing your setup. Also, not related to this problem, but in your server script I think you = can remove the lines: push "route 192.168.1.0 255.255.255.0" and also: client-to-client This is because you are using bridging, so all the clients will be on = the 192.168.1.x network already (not so if you were using tunnelling, then = you would need these lines). Lastly, and maybe it's not in your control, but since you're using 192.168.1.x for your local lan, you have a high likelihood of running = into problems down-the-line. That network is widely used for people's = internal LAN. So, if you had a client that was already on 192.168.1.x at a = remote site, then vpn'ed into your network, they would have two adapters with 192.168.1.x (the physical adapter, and the virtual one for openvpn). If = at all possible, chose a different number for the third octet. Almost = anything other than 0, 1, or 255 is better. Otherwise, you can only hope for the best. -Dave |
