$300 for a webgui that would get the bridge function in open vpn
-
I would like a web gui for bridging function to work. I am willing to pay $300.00 for it. If there are any takers please email me. I would like to bridge more than 2. and also I have a central office that has 6 other offices that I would like it so that I can bridge the offices together at the cental office. Thanks in advance.
cowboynerd@gmail.com
Ps or if you could do it to http://www.tinc-vpn.org/ instead of openvpn. ether way it is the end results that matter. ;D
-
Seems like you know what you want between openvpn tunnel vs. bridging. As far as I know that the different between tun vs. tap is the ethernet broadcasts.
"The difference between a tun and tap device is this: a tun device is a virtual IP point-to-point device and a tap device is a virtual ethernet device. So getting back to the "long cable" analogy, using a tun device would be like having a T1 cable connecting the computers and using a tap device would be like having an ethernet network connecting the two computers. People who are running applications that need the special features of ethernet (which won't work on an IP-only network) will often bridge their physical local ethernet with a tap device (using a utility such as brctl on Linux), then VPN the tap device to another similar setup at the other end. This allows OpenVPN to route ethernet broadcasts and non-IP protocols such as Windows NetBios over the VPN. If you don't need the special features of ethernet (such as bridging capability), it's better to use a tun device."
You can use tun to connect to the windows file sharing or samba fine without the needs of bridging. The tutorial from the document does have a short instructions to setup it to use bridging but it's unstable with the kernel. Probably it's not good idea to implement it on the production server.
-
I dont think the kernel stability portion applies to the newer snapshot images.
-
It's more than just the broadcasts. It has to do with which OSI layer you are creating a connection at. TAP devices create a virtual ethernet adapter (layer 2). This not only lets you forward broadcasts, but makes your routing configuration a lot simpler and easier in a many clients -> single host scenario, because you don't have to add the routing rules that you do when using a TUN adapter (which creates a layer 3 device).
If you are only interested in Windows Networking (Network Neighborhood, NetBios names, etc), you can use a TUN interface with a WINS server on your network, but if you want to enable other broadcast traffic (Zeroconf, Bonjour, iTunes music sharing), you have to use an ethernet bridge with a TAP adapter.
-
I know this topic is old but let me example what zer0punk is asking for…. (I've talked with him about this).
He's looking for the ability to make a bridged VPN in the OpenVPN GUI. We've been able to create bridged VPNs and have them work fine from the command line but he's looking for something that'd keep us out of the command line. The option to toggle a bridged or routed VPN is the main thing. You'd have to then select which interface to bridge the TAP interface with unless you aren't going to be connecting traffic to the local LAN. (We've done this in cases where VPNs terminate at the box and connect together but don't connect to the office LAN). All the functionality is present.
You can select in Endian firewall in their Net2Net (which is pretty much setting up OpenVPN to connect to another OpenVPN server as a client) whether the VPN is bridged or routed. Being able to setup a multiple servers (something you can't do in Endian) bridged or routed would be a nice feature.
Also, the creation of certificates in the web GUI would be nice too. The addition of being able to do username/password authentication is something he likes about Endian firewall as well. (I've been adamant about using pfSense but these features have caused us to use Endian lately)
-
From what I am reading, you can bridge a VPN to an interface and be able to pass multicast traffic and upd traffic from LAN and bridged VPN device?
If so, can you at least provide the command line comands to achieve this. At least if someone was to implement a gui, it would help to know what works.
-
http://doc.pfsense.org/index.php/VPN_Capability_OpenVPN
-
I've looked into this feature before but stopped when I saw part in from the link that says:
Please note that not only is this unsupported, it appears to cause a kernel hang condition about once every 24 hours.
Has this been stabilized yet?
