[ previous ] [ next ] [ threads ]
 
 From:  "Andrew Feldhacker" <afeldhacker at hotmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  1.2b8 OVPN: Bridging?
 Date:  Sat, 11 Jun 2005 03:59:45 -0700
Firstly, I would like to extend my most sincere thanks to those who have 
contributed so much in making m0n0wall possible; while it is a truly 
remarkable product with respect to its features alone, it is furthermore as 
a thing of sheer beauty when taking into account its elegant, and efficent, 
design and execution.


Second, as the 'search' functionality of the m0n0wall list does seem a bit 
lacking, I would like to apologize in advance if my question has been asked 
before, however, I have not been able to find anything definitive otherwise.


So:

Earlier this week, I opted to give 1.2b8 a go, and, due to its various 
positives over IPSec, I've recently taken a shot at setting up OpenVPN... 
only to find that, while I've gotten my connection *working*, and can send 
data over it (TUN or TAP) with no problems, it seems that I am unable to 
take advantage one positive I had most-eagerly been looking forward to in 
OVPN: bridging between the tunnel clients, and the local subnets attached to 
the OVPN server.


As I understand it, in order to enable bridging, OVPN normally takes an 
additional directive in the server-side configuration file, along with, at  
least in FBSD, a couple of sysctl commands which configure the bridge 
interface mappings.  That said, there are no options on the 'OpenVPN' 
configuration page for this functionality, nor, at least, according to the 
latest config.xml reference on the m0n0wall site, are there any 'hidden' 
configuration options for this.  I've also tried navigating to the 
'interfaces_opt.php?index=2' page and enabling bridging there, however, this 
did not work, nor did it seem an intended operation of this page.


So, my questions are: is OpenVPN bridging supported in 1.2b8?  And, if not, 
is this a feature that will potentially be supported in the near future?  
Barring that, are there at least any options I can put into config.xml in 
order to specify *just* my own custom routes?  I want to route between the 
OVPN and LAN subnets, however I *don't* want to redirect my client system's 
default gateway to run over the VPN, and I *don't* want to manually change 
my client system's routing table each time I connect to the VPN.


So that's it... Thanks for any help you have to offer; I understand there 
are a lot of other things for everyone to keep track of, so I really do 
appreciate it!

Thanks,
Andrew Feldhacker