Thanks! That seems to do the trick. I'm connected and even have MS network browsing accross the VPN. :)
/Claus *********** REPLY SEPARATOR *********** On 13-05-2005 at 08:45 Brent Gardner wrote: >Claus- > >Comments below. > >> -----Original Message----- >> From: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] On Behalf Of >> Claus H. Johansen >> Sent: Thursday, May 12, 2005 11:20 AM >> To: leaf-user@lists.sourceforge.net >> Subject: [leaf-user] Bering uclibc: OpenVPN in bridging mode >> without ifconfig? >> >> >> Hi, >> >> I'm trying to set up a Bering uclibc (ver. 2.0 beta3) box >> with OpenVPN >> in bridging mode. I've done this on a "standard" linux before, so I'm >> familiar with most of the tasks, but I can't seem to find a >> solution for >> the bridging part. >> >> The OpenVPN docs describe how to set up bridging of the tap and eth >> interfaces with a shell script using commands like: >> >> ifconfig tap0 0.0.0.0 promisc up >> ifconfig eth1 0.0.0.0 promisc up >> ifconfig br0 192.168.1.1 netmask 255.255.255.0 broadcast >> 192.168.1.255 >> >> Now, I've been trying to convert these commands to route2 >> syntax only to >> find that route2 no longer supports putting the interfaces in >> promiscuous mode. >> >> Any ideas about how to get around this would be appreciated. >> >> Thanks in advance. >> >> /Claus >> > >The way I have it working is I configure the bridge interface in >/etc/network/interfaces to include eth0 which is otherwise unconfigured. >The standard initialization scripts that run when Bering is booted create >all the necessary routes for the bridge. I run a script whenever OpenVPN >initializes using the 'up' command in /etc/openvpn/openvpn.conf. I've >included my conf files and script below. > >hth > >Brent Gardner >Network Administrator >IPRO Tech, Inc. > > ># /etc/network/interfaces -- configuration file for LEAF network ># ># Loopback interface. >auto lo >iface lo inet loopback > ># Step 4 (optional): configure a bridge >auto br0 >iface br0 inet static > address 10.0.12.1 > netmask 255.255.0.0 > broadcast 10.0.255.255 > gateway 10.0.0.1 > bridge_ports eth0 > > >#/etc/openvpn/openvpn.conf > ># ' or ';' may be used to delimit comments. ># > >mode server > >lport 1194 >proto udp >dev tap0 > >tun-mtu 1500 >tun-mtu-extra 32 >mssfix 1450 >fragment 1450 > >tls-server >dh /etc/openvpn/ca/dh2048.pem >ca /etc/openvpn/ca/my-ca.crt >crl-verify /etc/openvpn/ca/crl.pem >cert /etc/openvpn/server/office.crt >key /etc/openvpn/server/office.key >key-method 2 > >ping 10 >ping-restart 120 > >comp-lzo > >up /etc/openvpn/up.script >up-restart > >verb 5 >mute 5 > > >#/etc/openvpn/up.script > ># add OpenVPN's tap0 interface to bridge br0 ># >brctl addif br0 tap0 > ># enable the tap0 interface ># >ip link set tap0 up ------------------------------------------------------- This SF.Net email is sponsored by Oracle Space Sweepstakes Want to be the first software developer in space? Enter now for the Oracle Space Sweepstakes! http://ads.osdn.com/?ad_ids93&alloc_id281&op=click ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html