I'm running Shorewall 4.4.0/Debian Lenny and I'm trying to set up OpenVPN
with a mild degree of success so far.

My ultimate end goal is to basically have an extension of my home lan to
my laptop as well as my wife's when we are away from home, and have all
of my normal network resources available as if I were sitting at home
locally on the lan.

I run a mix of Linux/OSX machines on a single 192.168.1.0/24 subnet with
Shorewall; the subnet is on eth1 of my firewall machine, and my
DSL modem is on eth0.

From what I have read today, I need to use OpenVPN in "bridge" mode,
which I believe I have accomplished thus far (I can at least get the
tunnel to come up), but I am unable to pull an IP via DHCP from the DHCP
server sitting on the firewall (bound to eth1, same as the local LAN; I'm
using dhcpd).

I've pored through the bridging and OpenVPN docs on the Shorewall site,
but I'll admit I'm a little lost and could use some direction. I think I
understand a little bit on what's left to be done, but not sure what
direction to take next?

In the end, I think I basically want to bridge eth1 to tap0, which I
believe I have already accomplished:

bubastis:/etc/openvpn# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.002127e00061       no              eth1
                                                        tap0

bubastis:/etc/openvpn# ifconfig br0
br0       Link encap:Ethernet  HWaddr 00:21:27:e0:00:61
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::221:27ff:fee0:61/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8031 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4782 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:671285 (655.5 KiB)  TX bytes:756178 (738.4 KiB)

bubastis:/etc/openvpn# ifconfig tap0
tap0      Link encap:Ethernet  HWaddr 00:ff:72:cd:d1:b5
          inet6 addr: fe80::2ff:72ff:fecd:d1b5/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:36 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:231 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:8902 (8.6 KiB)  TX bytes:750 (750.0 B)

Am I on the right track for accomplishing what I am trying to do? I
think my next step is to add something to the zones and policy files,
but not 100% sure....

Any help appreciated...

Thanks,
Stephen


