OpenVPN routing

Maciej Milewski milu at dat.pl
Tue Apr 26 06:07:12 UTC 2011


On Tuesday 26 of April 2011 04:38:29, Ryan Coleman wrote:
> Also:
> [root at nbserver1 /usr/home/ryanc]# ifconfig
> em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
> mtu 1500 options=98<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
>         ether 00:14:22:15:dc:65
>         inet 192.168.46.2 netmask 0xffffff00 broadcast 192.168.46.255
>         media: Ethernet autoselect (1000baseT <full-duplex>)
>         status: active
> tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0
> mtu 1500 options=80000<LINKSTATE>
>         ether 00:bd:7e:86:1d:00
>         inet 192.168.47.1 netmask 0xffffff00 broadcast 192.168.47.255
>         Opened by PID 10341
> bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu
> 1500 ether 46:e1:75:c6:a3:a7
>         inet 192.168.47.254 netmask 0xffffff00 broadcast 192.168.47.255
>         id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
>         maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
>         root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
>         member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 5 priority 128 path cost 2000000
>         member: em0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
>                 ifmaxaddr 0 port 1 priority 128 path cost 20000
> 
> On Apr 25, 2011, at 9:36 PM, Ryan Coleman wrote:
> > I've got an OpenVPN connection working to my remote server, but I want to
> > route the traffic to the local LAN.
> > 
> > I have a bridge set up, pingable... but can't ping the em1 (192.168.46.2)
> > from the remote machine.
> > 
> > Server.conf:
...
> > server 192.168.47.0 255.255.255.0
From the man openvpn(8):
              Don't use --server if you are ethernet bridging.  Use
              --server-bridge instead.
And additionally, bridging means that you have to divide your local 
subnet (192.168.46.0/24) into two parts. Please have a look at the example at 
[1].

You may not even need bridging if you want to use two subnets of /24. Have you 
tried the standard setup (server) and configuring your default gateway (I 
suspect 192.168.46.1) with the routing information about the OpenVPN subnet 
192.168.47.0/24?


[1] http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html

Maciej Milewski
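
Added example, not part of the original message: a small Python check of the "divide your local subnet into two parts" requirement for a bridged setup, which also builds the matching server-bridge line. The LAN, em0 and bridge0 addresses come from the thread; the client pool and DHCP range are constructed values, and the function names are hypothetical.

```python
import ipaddress

def check_bridge_pool(lan, bridge_ip, pool_start, pool_end, dhcp=None):
    """Return a list of problems with a proposed server-bridge client pool.

    dhcp is an optional (first, last) tuple for the LAN's existing DHCP range.
    """
    net = ipaddress.ip_network(lan)
    br, start, end = (ipaddress.ip_address(a)
                      for a in (bridge_ip, pool_start, pool_end))
    in_pool = lambda addr: start <= addr <= end
    problems = []
    if br not in net:
        problems.append("bridge address is outside the LAN subnet")
    if start not in net or end not in net:
        problems.append("client pool is outside the LAN subnet")
    if start > end:
        problems.append("pool start is above pool end")
    if in_pool(br):
        problems.append("client pool contains the bridge address")
    if in_pool(net.network_address) or in_pool(net.broadcast_address):
        problems.append("client pool contains the network or broadcast address")
    if dhcp:
        d_first, d_last = (ipaddress.ip_address(a) for a in dhcp)
        if start <= d_last and d_first <= end:
            problems.append("client pool overlaps the DHCP range")
    return problems

def server_bridge_line(lan, bridge_ip, pool_start, pool_end):
    """Build: server-bridge <bridge IP> <netmask> <pool start> <pool end>."""
    netmask = ipaddress.ip_network(lan).netmask
    return f"server-bridge {bridge_ip} {netmask} {pool_start} {pool_end}"

LAN = "192.168.46.0/24"                      # local subnet from the thread

if __name__ == "__main__":
    # Addresses as in the quoted ifconfig: bridge0 sits in 192.168.47.0/24,
    # so neither it nor a pool taken from that subnet lies in the bridged LAN.
    print(check_bridge_pool(LAN, "192.168.47.254",
                            "192.168.47.2", "192.168.47.253"))
    # Constructed split: DHCP keeps .100-.199, VPN clients get .200-.250.
    args = (LAN, "192.168.46.2", "192.168.46.200", "192.168.46.250")
    if not check_bridge_pool(*args, dhcp=("192.168.46.100", "192.168.46.199")):
        print(server_bridge_line(*args))
```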

