[Openvpn-users] DHCP via OpenVPN

[Willy Offermans]

Hello Patrick,

On Mon, Mar 19, 2007 at 11:47:58PM +0100, Patrick Holthaus wrote:
> Hi again!
> 
> > > Now my questions are:
> > > Do I need bridging for making the DHCP server work in the VPN?
> > > How should the configuration files look like?
> >
> > You __do not__ need bridging for making the DHCP server work in the VPN
> > environment!
> 
> Thank you. I think many people appearently do not know that bridging is not 
> needed to make it work. So many have told me I had to set up bridging...
> 
> > Your server and client should use the tap device to communicate. Did
> > you establish that connection? Remove the line:
> > server-bridge 10.8.0.1 255.255.255.0 10.8.0.100 10.8.0.199
> > from your ``server'' configuration file. The vpn communication still
> > should work! Make sure the dhcpd is listening on the tap device and
> > assigns IP appropriately. Make sure the dhcpd updates the named.
> 
> It took me a few moments to recognize that the dhcpd only listens on tap0 if 
> it is started afterwards. I could have guessed that...

This is indeed the case and causes me some headache. I'm running
FreeBSD and I'm looking to configure and initialize the tap device at
boot time. In that way dhcpd and named have the device present at the
time it is needed. Since if the machine has to be rebooted, and luckily this only
happens very rarely (making this issue even more difficult), then I
have to restart dhcpd and named manually. This is something you easily
going to forget about! Since FreeBSD is to serve you, I'm looking how
to tackle this little inconvenience. So if you want to know more, have
a look in the FreeBSD stable mailing list as well.

> 
> > Now depending on what you want to do, it can be handy to have a bridge
> > between the tap device of the server and the normal NIC. It can also be
> > handy to have a separate subdomain for the vpn clients or not. Make up
> > your mind!
> 
> I am. Thanks for your suggestions. You pointed out some useful things.
> Finally i got it working...

Perfect, it is a nice piece of software and our road warriors
appreciate it a lot.

> 
> Patrick


-- 
Met vriendelijke groeten,
With kind regards,
Mit freundlichen Gruessen,
De jrus wah,

Willy

*************************************
W.K. Offermans
Home:   +31 45 544 49 44
Mobile: +31 653 27 16 23
e-mail: Willy at Offermans.Rompen.nl

                                       Powered by ....

                                            (__)
                                         \\\'',)
                                           \/  \ ^
                                           .\._/_)

                                       www.FreeBSD.org