OpenVPN Configuration (Was XP Linksys DHCP Hatred)
hans at fugal.net
Fri Oct 28 07:00:24 MDT 2005
On Fri, 28 Oct 2005 at 02:11 -0600, Chris Carey wrote:
> This talk about OpenVPN got me interested in it. I installed OpenVPN
> on the OpenWRT linux distro on a Linksys WRT54G. After some work I was
> able to get "routed" mode working. At this point the client can ping
> the server machine and can connect to it. The client can not see the
> rest of the LAN though. After many hours its getting a little
> frustrating. In the docs it says that this can be solved using
> "bridged" mode , which Ive tried. For some reason "bridged mode"
> requires SSL/tls certificates . Created them, set them up. No go. Some
> how-tos also say that it can be done in "routed" mode with more rules.
> I prefer using "routed" mode with a secret key file. It seems to work
> smoother at this point.
Ok, we need more information. Internal IP addresses, network topology,
and the entire openvpn config (minus the shared keys) for both sides
would help too.
I think you're confused about bridging requiring TLS, it does not. It
would require you to set up the wrt with bridging which is not a walk in
the park. In any case you should be able to get routing mode to work,
all that will not work is broadcast traffic such as smb without wins.
> ip_forwarding is enabled on the firewall (which is also the OpenVPN
> server). The server creates a tun0 rule for the VPN so I added rules:
> iptables -I FORWARD -i tun0 -j ACCEPT
> iptables -I FORWARD -o tun0 -j ACCEPT
> Still cant ping any other machines on the LAN thru VPN. Only the server.
Again, I'll need more information, but it's probably a routing issue.
Hans Fugal ; http://hans.fugal.net
There's nothing remarkable about it. All one has to do is hit the
right keys at the right time and the instrument plays itself.
-- Johann Sebastian Bach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: Digital signature
Url : http://plug.org/pipermail/plug/attachments/20051028/33c4bb10/attachment.bin
More information about the PLUG