From: Stephen B. <ste...@gm...> - 2010-02-04 19:13:34
I'm running Shorewall 4.4.0/Debian Lenny and I'm trying to set up OpenVPN with a mild degree of success so far. My ultimate end goal is to basically have an extension of my home LAN to my laptop as well as my wife's when we are away from home, and have all of my normal network resources available as if I were sitting at home locally on the LAN. I run a mix of Linux/OSX machines on a single 192.168.1.0/24 subnet with Shorewall, the subnet is on eth1 of my firewall machine respectively, my DSL modem is on eth0.

From what I have read today, I need to use OpenVPN in "bridge" mode, which I believe I have accomplished thus far (I can at least get the tunnel to come up), but I am unable to pull an IP via DHCP from the DHCP server sitting on the firewall (bound to eth1, same as local LAN; I'm using dhcpd).

I've pored through the bridging and OpenVPN docs on the Shorewall site, but I'll admit I'm a little lost and could use some direction. I think I understand a little bit of what's left to be done, but not sure what direction to take next?

In the end, I think I basically want to bridge eth1 to tap0, which I believe I have already accomplished:

bubastis:/etc/openvpn# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.002127e00061       no              eth1
                                                        tap0

bubastis:/etc/openvpn# ifconfig br0
br0       Link encap:Ethernet  HWaddr 00:21:27:e0:00:61
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::221:27ff:fee0:61/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8031 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4782 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:671285 (655.5 KiB)  TX bytes:756178 (738.4 KiB)

bubastis:/etc/openvpn# ifconfig tap0
tap0      Link encap:Ethernet  HWaddr 00:ff:72:cd:d1:b5
          inet6 addr: fe80::2ff:72ff:fecd:d1b5/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:36 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:231 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:8902 (8.6 KiB)  TX bytes:750 (750.0 B)

Am I on the right track for accomplishing what I am trying to do? I think my next step is to add something to the zones and policy files, but not 100% sure....

Any help appreciated...

Thanks,
Stephen