Ok I'm almost there! The tunnel is up, and I changed what you mentioned below, everything is working as intended except I can not get the OpenVPN client to pull an IP via DHCP.
Before I check with the folks that wrote the client software I use and/or the OpenVPN folks, is there anything in Shorewall I could have potentially missed? If I'm just doing a simple bridge to tap0 I'm assuming everything should work as if the client were attached locally to the lan? I do see my systems in the Finder's sidebar, so at least I know Bonjour is working :) Thanks, Stephen On 2/4/10 4:00 PM, Tom Eastep wrote: > Stephen Brown wrote: > >> Thanks Tom, I did see the link you referenced below and it's thrown me >> off just a bit. >> >> To clarify, as it stands now I have this in /etc/shorewall/interfaces: >> loc eth1 detect >> tcpflags,nosmurfs,routefilter,logmartians >> >> (sorry for the wrap, but hopefully you'll get the idea) >> >> So I would just change eth1 to tap0 instead? >> > No -- re-read the article. You must: > > a) Assign your local IP address to *br0* and you take the IP address off > of eth1 (I see that you have already assigned 192.168.1.1 to br0). > > b) You replace eth1 with br0 in the /etc/shorewall/interfaces record and > add the 'routeback' option. That option allows traffic between tap0 and > eth1. > > c) If you have eth1 in the second column of /etc/shorewall/masq, replace > it with your local subnet (which appears to be 192.168.1.0/24). > > >> How will this affect my normal lan routing, if at all? >> > With the changes that I have outlined, your routing will remain the same. > > -Tom > > > > ------------------------------------------------------------------------------ > The Planet: dedicated and managed hosting, cloud storage, colocation > Stay online with enterprise data centers and the best network in the business > Choose flexible plans and management services without long-term contracts > Personal 24x7 support from experience hosting pros just a phone call away. > http://p.sf.net/sfu/theplanet-com > > > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
