>
> Looks like you want a simple p2p OpenVPN configuration rather than a
> client-server configuration.
>
> I tested this using a simple shared-key setup.
>
> I set up the bridge between two systems:
>
> 172.20.1.102 - ursa
> 172.20.1.254 - gateway
>
> Both systems, I configured a bridge with a single tun0 port.
>
> ursa br0 is 10.0.0.1/24
> gateway br0 is 10.0.0.2/24
>
> On ursa, I executed this command:
>
> openvpn --genkey --secret bridgekey
>
> I used scp to copy the 'bridgekey' file to the other system.
>
> On ursa, I then executed this command:
>
> openvpn --remote 172.20.1.254 --dev tap0 --key bridgekey
>
> and on gateway, I executed this command:
>
> openvpn --remote 172.20.1.102 --dev tap0 --key bridgekey
>
> Voila!!
>
> r...@ursa:~# ping 10.0.0.2
> PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
> 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=2.24 ms
> 64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=2.08 ms
> 64 bytes from 10.0.0.2: icmp_seq=3 ttl=64 time=2.43 ms
> 64 bytes from 10.0.0.2: icmp_seq=4 ttl=64 time=1.84 ms
> 64 bytes from 10.0.0.2: icmp_seq=5 ttl=64 time=2.10 ms
> 64 bytes from 10.0.0.2: icmp_seq=6 ttl=64 time=3.32 ms
> ^C
> --- 10.0.0.2 ping statistics ---
> 6 packets transmitted, 6 received, 0% packet loss, time 5006ms
> rtt min/avg/max/mdev = 1.846/2.340/3.326/0.476 ms
> r...@ursa:~#
>
> Hope that helps,
> Tom
OK, I configured both of these boxes this way. This
is the first box; as you can see, br0 is 10.194.79.191/24.
The other box is the same, with the exception of br0 being 10.194.79.177/24.

Then at the command line:

linux-rwu0:/etc/openvpn/easy-rsa/2.0 # openvpn --remote 75.149.172.89 --dev tap0 --key bridgekey
Options error: Parameter priv_key_file can only be specified in TLS-mode, i.e. where --tls-server or --tls-client is also specified.
Use --help for more information.

How is this tls mode?

My interfaces are below.

Also, you state:
"Both systems, I configured a bridge with a single tun0 port"
Is this supposed to mean a single tap0 port?

linux-rwu0:/etc/openvpn/easy-rsa/2.0 # ifconfig
br0       Link encap:Ethernet HWaddr 00:16:17:7E:FE:D1
          inet addr:10.194.79.191 Bcast:10.194.79.255 Mask:255.255.255.0
          inet6 addr: fe80::216:17ff:fe7e:fed1/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:27 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1446 (1.4 Kb) TX bytes:1050 (1.0 Kb)

eth0      Link encap:Ethernet HWaddr 00:14:D1:13:43:11
          inet addr:75.149.172.88 Bcast:75.149.172.95 Mask:255.255.255.240
          inet6 addr: fe80::214:d1ff:fe13:4311/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:8756 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4071 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3122265 (2.9 Mb) TX bytes:724879 (707.8 Kb)
          Interrupt:20 Base address:0x4000

eth1      Link encap:Ethernet HWaddr 00:16:17:7E:FE:D1
          inet6 addr: fe80::216:17ff:fe7e:fed1/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
          RX packets:19183 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12750 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2066359 (1.9 Mb) TX bytes:5779702 (5.5 Mb)
          Interrupt:23 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING MTU:16436 Metric:1
          RX packets:69 errors:0 dropped:0 overruns:0 frame:0
          TX packets:69 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:9892 (9.6 Kb) TX bytes:9892 (9.6 Kb)

tap0      Link encap:Ethernet HWaddr 96:44:E4:EA:4A:E3
          inet6 addr: fe80::9444:e4ff:feea:4ae3/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:20 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

Mike
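
Added example, not part of either message: in OpenVPN, --key names a TLS private key file, while a static key made with --genkey --secret is loaded with --secret, which is what the "priv_key_file" error above is reporting. The sketch below pre-checks an openvpn argument list for that mix-up and checks that the copied key file is private; check_ovpn_mode and key_file_private are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not from the thread. Helper names are hypothetical.

# Classify an openvpn argument list before running it.
# Prints: static-key | tls | cleartext | error: <reason>; returns 1 on error.
check_ovpn_mode() {
    m_secret=0; m_tls=0; m_tlsopt=""
    for m_arg in "$@"; do
        case "$m_arg" in
            --secret) m_secret=1 ;;
            # --client and --server are helper directives that imply TLS mode
            --tls-server|--tls-client|--client|--server) m_tls=1 ;;
            # certificate and private-key options are only valid in TLS mode
            --key|--cert|--ca) [ -n "$m_tlsopt" ] || m_tlsopt=$m_arg ;;
        esac
    done
    if [ -n "$m_tlsopt" ] && [ "$m_tls" -eq 0 ]; then
        echo "error: $m_tlsopt requires TLS mode; load a static key with --secret"
        return 1
    elif [ "$m_secret" -eq 1 ] && [ "$m_tls" -eq 1 ]; then
        echo "error: --secret cannot be combined with TLS mode"
        return 1
    elif [ "$m_secret" -eq 1 ]; then
        echo "static-key"
    elif [ "$m_tls" -eq 1 ]; then
        echo "tls"
    else
        echo "cleartext"   # neither mode selected: the tunnel is unencrypted
    fi
}

# Succeeds only if the key file exists and grants nothing to group or other.
key_file_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# The two command lines from the thread, checked without starting openvpn.
check_ovpn_mode --remote 75.149.172.89 --dev tap0 --key bridgekey || true
check_ovpn_mode --remote 75.149.172.89 --dev tap0 --secret bridgekey
```

A "cleartext" result means neither --secret nor a TLS mode was given, so the bridged traffic would cross the public link unencrypted.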
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users