Bridging using OpenVPN
I need some help with creating a bridge using OpenVPN.
I am running the server side behind ISA on a windows XP box and the client on a wireless networked laptop, again with XP. I have created tunnels successfully and have been able to ping the server inside the ISA firewall.
Now I am trying to bridge the connection (need to bridge to allow broadcast traffic to reach the client). Looking at the status of OpenVPN on client and server, the client seems to connect to the server, but the connection is reset with the message:-
(On the client status monitor)
SIGUSR1[soft,connection reset] received, process restarting
(On the server status monitor)
SIGUSR1[soft,connection reset] received, clent instance restarting
I have included the .ovpn files below.
Server.ovpn
port 1194
proto tcp
dev tap0
dev-node tap0
ca "C:\\...\\ca.crt"
cert "C:\\...\\C0051XP.crt"
key "C:\\...\\C0051XP.key" # This file should be kept secret
dh "C:\\...\\dh1024.pem"
server-bridge 10.0.0.9 255.255.255.0 10.0.0.55 10.0.0.57
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Client.ovpn
client
dev tap0
dev-node tap0
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\...\\ca.crt"
cert "C:\\...\\C0077.crt"
key "C:\\...\\C0077.key"
comp-lzo
verb 4
I am running the server side behind ISA on a windows XP box and the client on a wireless networked laptop, again with XP. I have created tunnels successfully and have been able to ping the server inside the ISA firewall.
Now I am trying to bridge the connection (need to bridge to allow broadcast traffic to reach the client). Looking at the status of OpenVPN on client and server, the client seems to connect to the server, but the connection is reset with the message:-
(On the client status monitor)
SIGUSR1[soft,connection reset] received, process restarting
(On the server status monitor)
SIGUSR1[soft,connection reset] received, clent instance restarting
I have included the .ovpn files below.
Server.ovpn
port 1194
proto tcp
dev tap0
dev-node tap0
ca "C:\\...\\ca.crt"
cert "C:\\...\\C0051XP.crt"
key "C:\\...\\C0051XP.key" # This file should be kept secret
dh "C:\\...\\dh1024.pem"
server-bridge 10.0.0.9 255.255.255.0 10.0.0.55 10.0.0.57
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Client.ovpn
client
dev tap0
dev-node tap0
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\...\\ca.crt"
cert "C:\\...\\C0077.crt"
key "C:\\...\\C0077.key"
comp-lzo
verb 4
ASKER
Solved with some help from Janjust on sourceforge.net
The packets from the client were reaching the server just fine. However, the server did not have a route back to the client to reply (ping the client, destination unreachable). Adding a route (route add [ip of client] mask 255.255.255.240 [ip of ISA server] -p) solved the problem and the two machines connected right away.
Call this one closed.
Madrilleno
The packets from the client were reaching the server just fine. However, the server did not have a route back to the client to reply (ping the client, destination unreachable). Adding a route (route add [ip of client] mask 255.255.255.240 [ip of ISA server] -p) solved the problem and the two machines connected right away.
Call this one closed.
Madrilleno
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
remote x.y.z.199 1194