On Wed, 2005-08-10 at 12:00 +1000, [EMAIL PROTECTED] wrote: > Send slug mailing list submissions to > slug@slug.org.au > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.slug.org.au/listinfo/slug > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of slug digest..." > Today's Topics: > > 1. openvpn test install (almost) ([EMAIL PROTECTED]) > email message attachment > On Wed, 2005-08-10 at 12:00 +1000, [EMAIL PROTECTED] wrote: > > On Wednesday 10 August 2005 06:40, [EMAIL PROTECTED] wrote: > > > ashley maher wrote: > > > > I'm attempting to build a test vpn using openvpn2 and Ubuntu. > > > > > > > > I have installed bridge-utils and openvpn2 using apt. > > > > > > > > I modified /etc/network/interfaces as the example in bridge-utils. > > > > > > > > I generated certificates fine. For testing I am using the supplied test > > > > certificates. > > > > > > > > Both the server and client appear to start properly. (I modded the > > > > example config files minimally for bridging.) Using the bridging howto. > > > > > > > > In the server config file is the line: > > > > server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 > > > > > > > > According to the man page that sets the gateway and the ip range for the > > > > clients. > > > > > > > > The client does pick up 10.8.0.50 on the tap0. (Which br0 is > > > > 192.168.1.101 so the ip must come from the server as expected.) > > > > > > > > However on the server there is no ip on tap0. So I'm guessing that is > > > > why no tunnel! > > > > > > The tap device on the server does not need an ip (at least on my working > > > config it doesn't have one). I assume you have setup the bridge on the > > > server (it's independent to the openvpon config file)? > > > > > > > I've tried several things. > > > > > > > > Ideas, comments, url's to pages great fully received. > > > > Ashley I'd really appreciate any feedback. > > I used the route version as per the egs at openvpn.net. > > > > If I test on my 192.168.1 net (both sides) then each winders clients can > > ping > > the other and my SuSE 9.3 gateway. The server can ping the clients. The > > clients can telnet eg printer port on the server. Ah Ha! Not so fast Watson. > > > > When I put the clients behind a router on the internet connection is > > perfect, > > then the server drops packets (log: packet dropped) because instead of > > coming > > from internet.router.address they are coming from 192.168.local.router. > > > > I guess that you will have the same issue. > > > > So I'll give you my config if I get it working, would appreciate yours if > > you > > do so. I think this may be of help to you > > http://fedoranews.org/contributors/florin_andrei/openvpn/ > > > > James
James, My biggest problem was lack of sleep, hence mucking the ip numbers in the test. I got the test suite to the point I was happy that things "should work" but my setup couldn't go the "full distance". I need to do this for myself, and a client, so it it only temporarily "on the back burner". When I get it up I'll be more than happy to share. I got an openvpn1 working for a mate 18 months ago, this is for openvpn2. Regards, Ashley -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html