Netgate Discussion Forum

    OpenVPN Client Bridging not Working

      galgier

      I have set up OpenVPN successfully several times, but I am now trying to get clients to use a bridged interface and I am stymied.

      I used the information in the topic "HOW TO: OpenVPN TAP Bridging with LAN".
      There are a few differences for my environment and I am not sure if they are the problem:


      On the OpenVPN definition:
      UDP vs TCP – I can't use UDP because some home routers won't pass the traffic properly.
      Remote Access -- I use "User Auth".
      Bridge Interface -- LAN (is this correct?  I don't put the OPT1 interface or the BRIDGE0 interface here do I?)
      DHCP Start and Stop: I am using 172.17.60.201 through 250
      Compression -- I am not compressing.

      On the OPT1 interface:
      Type: none -- Is this correct?
      Network Port: ovpns2 (My Bridged VPN) -- I also have a routed VPN.  They won't conflict will they?

      Bridges:
      Members: LAN, OPT1


      I have tried the bridged VPN from both an iPad and Windows XP.  When using the iPad, the error log looks like:

      Apr 12 16:10:44 	openvpn[50038]: Re-using SSL/TLS context
      Apr 12 16:10:44 	openvpn[50038]: TCP connection established with [AF_INET]my-test-client-ip:30574
      Apr 12 16:10:44 	openvpn[50038]: TCPv4_SERVER link local: [undef]
      Apr 12 16:10:44 	openvpn[50038]: TCPv4_SERVER link remote: [AF_INET]my-test-client-ip:30574
      Apr 12 16:10:44 	openvpn: user galgier authenticated
      Apr 12 16:10:44 	openvpn[50038]: 74.8.208.5:30574 WARNING: 'dev-type' is used inconsistently, local='dev-type tap', remote='dev-type tun'
      Apr 12 16:10:44 	openvpn[50038]: 74.8.208.5:30574 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1591', remote='link-mtu 1559'
      Apr 12 16:10:44 	openvpn[50038]: 74.8.208.5:30574 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1532', remote='tun-mtu 1500'
      Apr 12 16:10:44 	openvpn[50038]: 74.8.208.5:30574 [] Peer Connection Initiated with [AF_INET]my-test-client-ip:30574
      Apr 12 16:10:44 	openvpn[50038]: 74.8.208.5:30574 MULTI_sva: pool returned IPv4=172.17.60.203, IPv6=1::1000:0:0:0
      Apr 12 16:10:45 	openvpn[50038]: 74.8.208.5:30574 send_push_reply(): safe_cap=960
      Apr 12 16:10:45 	openvpn[50038]: 74.8.208.5:30574 Connection reset, restarting [0]
      

      That's an immediate reset.

      When using the Windows XP system:

      Apr 12 16:13:29 	openvpn[50038]: Re-using SSL/TLS context
      Apr 12 16:13:29 	openvpn[50038]: TCP connection established with [AF_INET]my-test-client-ip:1101
      Apr 12 16:13:29 	openvpn[50038]: TCPv4_SERVER link local: [undef]
      Apr 12 16:13:29 	openvpn[50038]: TCPv4_SERVER link remote: [AF_INET]my-test-client-ip:1101
      Apr 12 16:13:30 	openvpn: user galgier authenticated
      Apr 12 16:13:30 	openvpn[50038]: 74.8.208.8:1101 [] Peer Connection Initiated with [AF_INET]my-test-client-ip:1101
      Apr 12 16:13:30 	openvpn[50038]: 74.8.208.8:1101 MULTI_sva: pool returned IPv4=172.17.60.204, IPv6=1::f00:0:0:0
      Apr 12 16:13:32 	openvpn[50038]: 74.8.208.8:1101 send_push_reply(): safe_cap=960
      Apr 12 16:14:31 	openvpn[50038]: 74.8.208.8:1101 Connection reset, restarting [-1]
      

      The connection will stay up indefinitely, but I can't ping anything, even the LAN IP address.

      Have I set something wrong?  Am I missing something?
