Solved

Bridging using OpenVPN

Posted on 2006-06-14
Last Modified: 2008-01-09
I need some help with creating a bridge using OpenVPN.
I am running the server side behind ISA on a Windows XP box and the client on a wireless networked laptop, again with XP. I have created tunnels successfully and have been able to ping the server inside the ISA firewall.
Now I am trying to bridge the connection (need to bridge to allow broadcast traffic to reach the client). Looking at the status of OpenVPN on client and server, the client seems to connect to the server, but the connection is reset with the message:

(On the client status monitor)
SIGUSR1[soft,connection reset] received, process restarting

(On the server status monitor)
SIGUSR1[soft,connection reset] received, clent instance restarting

I have included the .ovpn files below.

Server.ovpn

port 1194
proto tcp
dev tap0
dev-node tap0
ca "C:\\...\\ca.crt"
cert "C:\\...\\C0051XP.crt"
key "C:\\...\\C0051XP.key"  # This file should be kept secret
dh "C:\\...\\dh1024.pem"
server-bridge 10.0.0.9 255.255.255.0 10.0.0.55 10.0.0.57
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Client.ovpn

client
dev tap0
dev-node tap0
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\...\\ca.crt"
cert "C:\\...\\C0077.crt"
key "C:\\...\\C0077.key"
comp-lzo
verb 4
Question by:Madrilleno

Author Comment

by:Madrilleno
ID: 16901331
Forgot the following from the Client.ovpn

remote x.y.z.199 1194

Author Comment

by:Madrilleno
ID: 16909685
Solved with some help from Janjust on sourceforge.net

The packets from the client were reaching the server just fine. However, the server did not have a route back to the client to reply (ping the client, destination unreachable). Adding a route (route add [ip of client] mask 255.255.255.240 [ip of ISA server] -p) solved the problem and the two machines connected right away.

Call this one closed.

Madrilleno
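The return-route diagnosis from the comment above, as an added example that is not part of the original thread: it parses `route print` output from the server and does a longest-prefix match for the client's address, so a missing route back shows up before the connection resets. The route tables are constructed, and every address except 10.0.0.9 (ISA internal 10.0.0.1, client network 192.0.2.16/28) is an assumption.

```python
import ipaddress

# Constructed `route print` excerpts (Windows XP column layout). Assumed
# addresses: server 10.0.0.9 (from server-bridge), ISA internal interface
# 10.0.0.1, client network 192.0.2.16/28. No default route is present.
BEFORE = """\
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
         10.0.0.0    255.255.255.0         10.0.0.9        10.0.0.9      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
"""
# Same table after adding the client network via the ISA server (the fix).
AFTER = BEFORE + "       192.0.2.16  255.255.255.240         10.0.0.1        10.0.0.9       1\n"


def parse_routes(text):
    """Return (network, gateway, metric) for each row of the route table."""
    routes = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) != 5:
            continue  # title and header lines do not have five columns
        try:
            net = ipaddress.ip_network(f"{cols[0]}/{cols[1]}", strict=False)
            gw = ipaddress.ip_address(cols[2])
            metric = int(cols[4])
        except ValueError:
            continue  # not a route row
        routes.append((net, gw, metric))
    return routes


def return_path(routes, client_ip):
    """Gateway used to reach client_ip, or None if there is no route back."""
    dst = ipaddress.ip_address(client_ip)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        return None  # replies fail with "destination unreachable"
    # Longest prefix wins; the lower metric breaks ties.
    _, gw, _ = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return str(gw)


if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, return_path(parse_routes(table), "192.0.2.20"))
```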
 

Accepted Solution

by: RomMod
ID: 16917488
Question closed - 500 points refunded.

Best regards,
RomMod
Experts Exchange
Community Support Moderator