I have set up a bridged connection using the guide on openvpn.sourceforge.net. The two Linux gateways have established a VPN connection over the internet but I can't seem to get anything through it. I'm using shorewall, but pretty much all the policies are open right now.

One thing that I see I am doing different is that I have two different IP setups on the two networks. One is 192.168.7.0 and the other is 192.168.1.0. Now, on the br0 for each server, and on the clients I set a class B subnet mask so I figured this setup would be ok. Is it? What else could be wrong? I figure this is a shorewall configuration problem as opposed to openvpn because VPN says I'm connected, and it's displaying RWRW across the link.

I have the following on both boxes:

#interfaces#
net eth0
loc br0
vpn0 tap0
#policy#
loc vpn0 ACCEPT
vpn0 loc ACCEPT
loc net ACCEPT
net all DROP

and for a time I had all all ACCEPT but nothing.

Any clues? I need to have a bridge working because I need broadcast packets to cross the link.
Dave:

Does any traffic go over the vpn? or are you having problems with just the broadcasts??

Jerry Vonau
Hi Dave,

FYI, in my setup I'm only doing ethernet bridging on one end (Linux machine). The other end of the tunnel is only one machine (Windows) that I want to appear on the LAN the Linux gateway is attached to. So you've gone further than I have with your choice of configuration.

On Sun, 7 Sep 2003, Dave B wrote:
>i have the following on both boxes:
>#interfaces#
>net eth0
>loc br0
>vpn0 tap0

Since you're doing ethernet bridging, I don't think that you need a separate VPN zone. The point of the ethernet bridging is to make the remote machine/network appear as if it's part of the local LAN.

I'm not convinced that you have the ethernet bridging set up correctly. What commands do you use to set it up? What's the output of the 'ifconfig' command? What's the output from 'brctl show' (as root)?

>Any Clues? I need to have a bridge working because i need broadcast packets
>to cross the link.

Do you know how to use ethereal to sniff the network and see what's going on? That can really be helpful. Is Shorewall logging anything?

Jason