Hi Lorenz,
On 04/08/19 22:39, Lorenz wrote:
> The network setup got scrambled in my previous email, so I made a
> screenshot and attached it.
as you stated: your bridged setup is working, and your clients in
network B get their DHCP addresses from the server in network A. The
only thing missing is the default route for these clients.
That means it's the DHCP server in network A that is not pushing the
right default gateway to these clients. Which DHCP server software are
you using? For standard dhcpd, you'd add something like
# option routers is the same as the default gateway
option routers 10.129.36.1;        # Default Gateway/Router for loading software
option subnet-mask 255.255.255.0;  # Default Gateway/Router Subnet Mask
HTH,
JJK
On 8/4/19 10:15 PM, Lorenz wrote:
Hey there,
I'm trying to connect two networks using a bridged OpenVPN (site to
site) setup.
The OpenVPN server is located within network A and the OpenVPN client
in network B. Both networks are connected to the internet via a
router. Network A and network B do use different subnets.
The goal is to "move" all clients of network B (which are connected
to server 2's eth1) into network A. All clients of network B should
think they are actually in network A. They should get their DHCP
leases from the router of network A, be able to communicate with
every client within network A, and their internet traffic should look
like it has originated from network A.
The machine which is running the OpenVPN server has only one network
interface. The OpenVPN client, on the other hand, has two, one
connected to the router and the other one to all the clients.
Bridging the tap adapter and the network interface on the OpenVPN
server machine works as expected. On the OpenVPN client's machine,
I'm using the same up script as on the server with minor
modifications to bridge the tap adapter with eth1.
Everything seems to work. Clients of network B do get DHCP leases
from the router of network A and can communicate with all clients
located in network B.
But there is one tiny problem: All the clients of network B do not
add any default routes. When manually adding a default route on the
clients of network B through the router of network A (ip route add
default via router-a-address-here), the setup works as it should.
Clients of network B then can reach the internet through network A.
The OpenVPN guide for ethernet bridging [1] mentions some iptables
rules, which I do not think are necessary, because they did not make
any difference.
The up and down scripts used by me originate from [2].
All machines run Debian Buster.
I do know the directive "redirect-gateway def1" can be used to add a
default route to the OpenVPN client's machine, but this does not
affect the remaining clients of network B.
Do you know why all clients of network B do get DHCP leases of
network A but do not add any default routes? Shouldn't they
automatically add default routes when getting DHCP leases?
Thank you for your help!
Best
Lorenz
[1] https://openvpn.net/community-resources/ethernet-bridging/#bridge-server-on-linux
[2] https://wiki.archlinux.org/index.php/OpenVPN_Bridge
            Network A                                                      Network B

------------------     ----------              ----------        ------------------           ----------
|    Server 1    |--+--| Router |-- INTERNET --| Router |-- eth0 |    Server 2    | eth1 --+--| Client |
| OpenVPN Server |  |  ----------              ----------        | OpenVPN Client |        |  ----------
------------------  |                                            ------------------        |
------------------  |                                                                      |  ----------
|     Client     |--+                                                                      +--| Client |
------------------  |                                                                      |  ----------
                    |                                                                      |
------------------  |                                                                      |  ----------
|     Client     |--+                                                                      +--| Client |
------------------  |                                                                      |  ----------
                    |                                                                      |
                   ...                                                                    ...
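One way to confirm the diagnosis in the reply is to look at the DHCPACK a client in network B actually receives and check whether it carries option 3 (routers). The following is an added example, not part of the original thread: it parses the UDP payload of a DHCP message and extracts the offered address, netmask and default gateway. The sample packets are constructed; the client address 10.129.36.50 is made up, and the gateway 10.129.36.1 is the value from the dhcpd snippet above.

```python
import ipaddress

MAGIC_COOKIE = bytes([0x63, 0x82, 0x53, 0x63])  # precedes the options field (RFC 2131)
OPT_PAD, OPT_SUBNET_MASK, OPT_ROUTERS, OPT_MSG_TYPE, OPT_END = 0, 1, 3, 53, 255
BOOTP_HEADER_LEN = 236  # fixed BOOTP fields, op through file

def parse_options(payload: bytes) -> dict:
    """Return {option code: raw value} from the UDP payload of a DHCP message."""
    if payload[BOOTP_HEADER_LEN:BOOTP_HEADER_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message: magic cookie missing")
    opts, i = {}, BOOTP_HEADER_LEN + 4
    while i < len(payload) and payload[i] != OPT_END:
        code = payload[i]
        if code == OPT_PAD:  # single-byte padding, no length field
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError(f"option {code} has no length byte")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = opts.get(code, b"") + value  # split options are concatenated
        i += 2 + length
    return opts

def lease_summary(payload: bytes) -> dict:
    """Pull out what a client needs for routing: address, netmask, default gateway(s)."""
    opts = parse_options(payload)
    mask, routers = opts.get(OPT_SUBNET_MASK), opts.get(OPT_ROUTERS, b"")
    if len(routers) % 4 or (mask is not None and len(mask) != 4):
        raise ValueError("malformed address option")
    return {
        "your_ip": str(ipaddress.IPv4Address(payload[16:20])),  # yiaddr field
        "subnet_mask": str(ipaddress.IPv4Address(mask)) if mask else None,
        "routers": [str(ipaddress.IPv4Address(routers[n:n + 4]))
                    for n in range(0, len(routers), 4)],
    }

def sample_ack(options: bytes) -> bytes:
    """Constructed DHCPACK offering 10.129.36.50 (made-up client address)."""
    header = bytearray(BOOTP_HEADER_LEN)
    header[0] = 2  # op = BOOTREPLY
    header[16:20] = ipaddress.IPv4Address("10.129.36.50").packed
    return bytes(header) + MAGIC_COOKIE + options + bytes([OPT_END])

COMMON = bytes([OPT_MSG_TYPE, 1, 5, OPT_SUBNET_MASK, 4, 255, 255, 255, 0])
ACK_WITHOUT_ROUTERS = sample_ack(COMMON)  # constructed: lease with no default gateway
ACK_WITH_ROUTERS = sample_ack(COMMON + bytes([OPT_ROUTERS, 4, 10, 129, 36, 1]))
```

An empty `routers` list for a lease that otherwise has an address and netmask matches the symptom described in the thread: the client configures its interface but installs no default route.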