Thread: Bridging local networks with openvpn




Bridging local networks with openvpn
user name
2008-03-20 16:52:57
Hi,

I'm trying to set up the following 

LAN1 - LEAF1 - internet - LEAF2 - LAN2


LAN1 : 192.168.70.0/24
FW1 : 
auto eth0
iface eth0 inet static
        address EXT-IP1
        netmask 255.255.255.252
        gateway EXT-GW1

auto br0
iface br0 inet static
        address 192.168.70.253
        netmask 255.255.255.0
        broadcast 192.168.70.255
        bridge_ports eth1


LAN2: 192.168.70.0/24
FW2: 
auto eth0
iface eth0 inet static
        address EXT-IP2
        netmask 255.255.255.252
        gateway EXT-GW2

auto br0
iface br0 inet static
        address 192.168.70.254
        netmask 255.255.255.0
        broadcast 192.168.70.255
        bridge_ports eth1

Both LANs can connect to the net, and it appears openvpn connects, but
I can't reach IPs from the other LAN.

on both FWs

firefly# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.0050baca8c0b       no              eth1
                                                        tap0

firefly# ip route
EXT-NET/30 dev eth0  proto kernel  scope link  src EXT-IP1
192.168.70.0/24 dev br0  proto kernel  scope link  src 192.168.70.253
default via EXT-GW1 dev eth0

firefly2# ip route
EXT-NET2/30 dev eth0  proto kernel  scope link  src EXT-IP2
192.168.70.0/24 dev br0  proto kernel  scope link  src 192.168.70.254
default via EXT-GW2 dev eth0

For setting up openvpn I kind of followed this:
http://www.linux.com/feature/58336?theme=print


Can this be done ?


Regards,

Stefaan

leaf-user mailing list: leaf-userlists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user

Support Request -- http://leaf-project.org/


Re: Bridging local networks with openvpn
user name
2008-03-20 16:56:32
Stefaan Van Dooren wrote:
> Hi,
> 
> I'm trying to set up the following 
> 
> LAN1 - LEAF1 - internet - LEAF2 - LAN2
> 
> 
> LAN1 : 192.168.70.0/24
> FW1 : 
> auto eth0
> iface eth0 inet static
>         address EXT-IP1
>         netmask 255.255.255.252
>         gateway EXT-GW1
> 
> auto br0
> iface br0 inet static
>         address 192.168.70.253
>         netmask 255.255.255.0
>         broadcast 192.168.70.255
>         bridge_ports eth1
> 
> 
> LAN2: 192.168.70.0/24
> FW2: 
> auto eth0
> iface eth0 inet static
>         address EXT-IP2
>         netmask 255.255.255.252
>         gateway EXT-GW2
> 
> auto br0
> iface br0 inet static
>         address 192.168.70.254
>         netmask 255.255.255.0
>         broadcast 192.168.70.255
>         bridge_ports eth1
> 
> Both LANs can connect to the net, and it appears openvpn connects, but
> I can't reach IPs from the other LAN.
> 
> on both FWs
> 
> firefly# brctl show
> bridge name     bridge id               STP enabled     interfaces
> br0             8000.0050baca8c0b       no              eth1
>                                                         tap0
> 
> firefly# ip route
> EXT-NET/30 dev eth0  proto kernel  scope link  src EXT-IP1
> 192.168.70.0/24 dev br0  proto kernel  scope link  src 192.168.70.253
> default via EXT-GW1 dev eth0
> 
> firefly2# ip route
> EXT-NET2/30 dev eth0  proto kernel  scope link  src EXT-IP2
> 192.168.70.0/24 dev br0  proto kernel  scope link  src 192.168.70.254
> default via EXT-GW2 dev eth0
> 
> For setting up openvpn I kind of followed this:
> http://www.linux.com/feature/58336?theme=print
> 
> 
> Can this be done ?

http://www.shorewall.net/OPENVPN.html

-Tom
-- 
Tom Eastep     Nothing is foolproof to a sufficiently talented fool
Shoreline,      http://shorewall.net
Washington USA   teastepshorewall.net
PGP Public Key    https://lists.shorewall.net/teastep.pgp.key




Re: Bridging local networks with openvpn
user name
2008-03-21 11:59:57

> -----Original message-----
> From: leaf-user-bounceslists.sourceforge.net
> [mailto:leaf-user-bounceslists.sourceforge.net] On behalf of Stefaan Van Dooren
> Sent: Thursday 20 March 2008 22:53
> To: leaf-userlists.sourceforge.net
> Subject: [leaf-user] Bridging local networks with openvpn
> 
> Hi,
> 
> I'm trying to set up the following
> 
> LAN1 - LEAF1 - internet - LEAF2 - LAN2
> 
> 
> LAN1 : 192.168.70.0/24
> FW1 :
> auto eth0
> iface eth0 inet static
>         address EXT-IP1
>         netmask 255.255.255.252
>         gateway EXT-GW1
> 
> auto br0
> iface br0 inet static
>         address 192.168.70.253
>         netmask 255.255.255.0
>         broadcast 192.168.70.255
>         bridge_ports eth1
> 
> 
> LAN2: 192.168.70.0/24
> FW2:
> auto eth0
> iface eth0 inet static
>         address EXT-IP2
>         netmask 255.255.255.252
>         gateway EXT-GW2
> 
> auto br0
> iface br0 inet static
>         address 192.168.70.254
>         netmask 255.255.255.0
>         broadcast 192.168.70.255
>         bridge_ports eth1
> 
> Both LANs can connect to the net, and it appears openvpn connects, but
> I can't reach IPs from the other LAN.
> 
> on both FWs
> 
> firefly# brctl show
> bridge name     bridge id               STP enabled     interfaces
> br0             8000.0050baca8c0b       no              eth1
>                                                         tap0
> 
> firefly# ip route
> EXT-NET/30 dev eth0  proto kernel  scope link  src EXT-IP1
> 192.168.70.0/24 dev br0  proto kernel  scope link  src 192.168.70.253
> default via EXT-GW1 dev eth0
> 
> firefly2# ip route
> EXT-NET2/30 dev eth0  proto kernel  scope link  src EXT-IP2
> 192.168.70.0/24 dev br0  proto kernel  scope link  src 192.168.70.254
> default via EXT-GW2 dev eth0
> 
> For setting up openvpn I kind of followed this:
> http://www.linux.com/feature/58336?theme=print
> 
> 
> Can this be done ?
> 
> 
> Regards,
> 
> Stefaan
> 

After a good sleep and going through Tom's site again, I redid the whole
thing, and this time it works a charm. (Not sure what I did wrong the
first time.)

New problem. On FW1 I also have some roadwarriors connecting with
openvpn. They use a different openvpn server (no bridging), can connect
to every IP in the LAN on LAN1, but none on LAN2. What am I missing?

Stefaan


