OpenVPN VPN Bridging

From Amahi Wiki
Revision as of 17:00, 31 January 2010 by Gboudreau (talk | contribs) (Created page with '== VPN Bridging == Here's the procedure you need to follow in order to have your VPN clients get IP addresses in the same subnet as your HDA. For example, if you HDA's IP is 19…')

VPN Bridging

Here's the procedure you need to follow in order to have your VPN clients get IP addresses in the same subnet as your HDA.

For example, if your HDA's IP is 192.168.0.2, connecting to it with an OpenVPN client will, by default, give your client computer an IP address like 10.8.0.x. The following procedure changes this so that your client receives an IP address like 192.168.0.x.

This is a work in progress... It doesn't work yet!

  • sudo yum install bridge-utils
  • sudo nano /usr/share/doc/openvpn-2.1.1/sample-scripts/bridge-start

Replace the values of eth_ip, eth_netmask and eth_broadcast in this file with the values you get from this command:

ifconfig | grep -A 1 eth0 | tail -1 | awk -F':' '{print $2,$3,$4}' | awk '{print $1,$5,$3}'

Example:

eth_ip="192.168.0.2"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.0.255"
  • sudo cp /usr/share/doc/openvpn-2.1.1/sample-scripts/bridge-start /etc/openvpn/; sudo chmod +x /etc/openvpn/bridge-start
  • sudo /etc/openvpn/bridge-start
  • sudo nano /etc/openvpn/amahi.conf

Remove the line that contains: dev tun and replace it with these two lines:

mode server
dev tap0
  • Repeat the last step with /etc/openvpn/amahi-dup-cn.conf
  • sudo iptables -A INPUT -i tap0 -j ACCEPT
  • sudo iptables -A INPUT -i br0 -j ACCEPT
  • sudo iptables -A FORWARD -i br0 -j ACCEPT
  • sudo service openvpn restart
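
The values pasted into bridge-start are easy to mistype, and a wrong broadcast or netmask leaves the bridge misconfigured. The following is an added example, not part of the original wiki page: it extracts the three values from an ifconfig inet line and refuses to print them unless the broadcast agrees with the address and netmask. It assumes the older net-tools output format (inet addr:… Bcast:… Mask:…) that the awk pipeline above expects; the function names and the sample line are made up for illustration.

```shell
#!/bin/sh
# Constructed sample of an older net-tools "ifconfig" inet line (not captured output).
SAMPLE_INET='          inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0'

# Dotted quad -> 32-bit integer; fails on malformed octets (hypothetical helper).
ip_to_int() (
    set -f; IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    n=0
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*) exit 1 ;; esac
        [ "$o" -le 255 ] || exit 1
        n=$(( n * 256 + o ))
    done
    echo "$n"
)

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Broadcast address = interface address with every host bit set.
calc_broadcast() (
    ip=$(ip_to_int "$1") || exit 1
    mask=$(ip_to_int "$2") || exit 1
    int_to_ip $(( ip | (~mask & 4294967295) ))
)

# Print bridge-start assignments from one ifconfig inet line; exit non-zero
# when a field is missing or the broadcast does not match address and netmask.
bridge_vars() (
    ip=$(printf '%s\n' "$1" | sed -n 's/.*inet addr:\([0-9.]*\).*/\1/p')
    bcast=$(printf '%s\n' "$1" | sed -n 's/.*Bcast:\([0-9.]*\).*/\1/p')
    mask=$(printf '%s\n' "$1" | sed -n 's/.*Mask:\([0-9.]*\).*/\1/p')
    [ -n "$ip" ] && [ -n "$bcast" ] && [ -n "$mask" ] || exit 1
    want=$(calc_broadcast "$ip" "$mask") || exit 1
    [ "$want" = "$bcast" ] || { echo "broadcast mismatch: expected $want" >&2; exit 1; }
    printf 'eth_ip="%s"\neth_netmask="%s"\neth_broadcast="%s"\n' "$ip" "$mask" "$bcast"
)

bridge_vars "$SAMPLE_INET"
```

On a live system the input line would come from something like ifconfig eth0 | grep 'inet addr'.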