[SOLVED] Use OpenVPN TUN as TAP?



  • I want to connect using TUN but I want pfSense to route all the traffic from the tunnel to the LOCAL address interface:

    i.e.  Tunnel address 192.168.100.0/24: a computer connects and gets IP 192.168.100.1. I want it to be able to see servers on the LOCAL interface (192.168.1.0/24), so I want server1's IP 192.168.1.2 to be accessible from the 192.168.100.1 machine or any VPN machine.

    Thanks.



  • Anybody?  TUN setup on an unrooted Android device that allows me to navigate through my LAN interface?


  • Banned

    Yeah, that's the whole point of the VPN. I seriously do not get what your special issue with TUN is.



  • I configured my TUN, I can connect, it has a 192.168.75.0/24 network, but I can't access my LAN which is 192.168.25.0/24 and I don't think I can add routes on my unrooted Toshiba Excite 10.


  • Banned

    Well, then you are doing it wrong. Impossible to advise without any information whatsoever on the configuration.



  • Server Mode: Peer to Peer ( SSL/TLS )
    Protocol: UDP
    Device Mode: tun
    Interface: WAN
    Local port: 1194
    Peer Certificate Authority: M4F1050-CA 
    Server Certificate: FIREWALL (CA: M4F1050-CA) *In Use M4F1050 (CA: M4F1050-CA) 
    DH Parameters Length: 1024 bits 
    Encryption algorithm: AES-128-CBC (128-bit)
    Hardware Crypto: BSD cryptodev engine - RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192 …   
    Certificate Depth: (Client+Server)
    IPv4 Tunnel Network: 192.168.75.0/24
    IPv4 Local Network/s: 192.168.25.0/24
    Concurrent connections: 10
    Compression: Compress tunnel packets using the LZO algorithm. 
    Type-of-Service: Set the TOS IP header value of tunnel packets to match the encapsulated packet value. 
    Duplicate Connections: Allow multiple concurrent connections from clients using the same Common Name.  NOTE: This is not generally recommended, but may be needed for some scenarios.


  • Banned

    Where's "IPv4 Local Network/s"?



  • @doktornotor:

    Where's "IPv4 Local Network/s"?

    192.168.25.0/24


  • Banned

    OMG. Make a screenshot. Not interested in reading a perpetually edited post.



  • Here is a screenshot.



  • Banned

    Peer-to-Peer is for site-to-site connections. Cannot see what you are trying to do here with the Android phone.



  • I'm going to sort this later on TeamViewer…



  • Actually I already did.  I had forgotten to open up UDP port 1195 on my modem, stupid me!  At first I changed the 1194 OpenVPN setting to TUN from TAP but since I couldn't get it to work at first I created a 2nd OpenVPN server (1195) and I never opened the port.  I'm using the TUN as a "TAP" on my Excite 10.  I can now see the local network (LAN) on my pfSense from my Excite connected via OpenVPN Connection (non-root)



  • That's good - Now you are like everyone else.  Boring huh?



  • @kejianshi:

    That's good - Now you are like everyone else.  Boring huh?

    LOL… I know right..?  I wanted to play with VoIP next...!  >:- )



  • VOIP - Yippie!  That never causes anyone hardship.  :P



  • If you are going to run a SIP server, remember to forward port 5060 OK?  I read some places it helps.