[SOLVED] Use OpenVPN TUN as TAP?

m4f1050 · Sep 16, 2013, 8:03 AM

I want to connect using TUN but I want pfSense to route all the traffic from the tunnel to the LOCAL address interface:

i.e. Tunnel address 192.168.100.0/24, a computer connects, gets IP 192.168.100.1, I want it to be able to see servers in LOCAL interface (192.168.1.0/24) so server1's IP 192.168.1.2 I want it to be accessible from 192.168.100.1 machine or any VPN machine.

Thanks.

m4f1050 · Sep 16, 2013, 3:32 PM

Anybody? TUN setup on unrooted android device that allows me navigate through my LAN interface?

doktornotor · Sep 16, 2013, 3:34 PM

Yeah, that's the whole point of the VPN. I seriously do not get what's your special issue with TUN.

m4f1050 · Sep 16, 2013, 3:35 PM

I configured my TUN, I can connect, it has a 192.168.75.0/24 network, but I can't access my LAN which is 192.168.25.0/24 and I don't think I can add routes on my unrooted Toshiba Excite 10.

doktornotor · Sep 16, 2013, 3:39 PM

Well, then you are doing it wrong. Impossible to advise without any information whatsoever on the configuration.

m4f1050 · Sep 16, 2013, 4:03 PM

Server Mode: Peer to Peer ( SSL/TLS )
Protocol: UDP
Device Mode: tun
Interface: WAN
Local port: 1194
Peer Certificate Authority: M4F1050-CA
Server Certificate: FIREWALL (CA: M4F1050-CA) *In Use M4F1050 (CA: M4F1050-CA)
DH Parameters Length: 1024 bits
Encryption algorithm: AES-128-CBC (128-bit)
Hardware Crypto: BSD cryptodev engine - RSA, DSA, DH, DES-CBC, DES-EDE3-CBC, AES-128-CBC, AES-192 …
Certificate Depth: (Client+Server)
IPv4 Tunnel Network: 192.168.75.0/24
IPv4 Local Network/s: 192.168.25.0/24
Concurrent connections: 10
Compression: Compress tunnel packets using the LZO algorithm.
Type-of-Service: Set the TOS IP header value of tunnel packets to match the encapsulated packet value.
Duplicate Connections: Allow multiple concurrent connections from clients using the same Common Name. NOTE: This is not generally recommended, but may be needed for some scenarios.

doktornotor · Sep 16, 2013, 4:01 PM

Where's "IPv4 Local Network/s"?

m4f1050 · Sep 16, 2013, 4:03 PM

@doktornotor:

Where's "IPv4 Local Network/s"?

192.168.25.0/24

doktornotor · Sep 16, 2013, 4:04 PM

OMG. Make a screenshot. Not interested in reading perpetually edited post.

m4f1050 · Sep 16, 2013, 4:26 PM

Here is a screen shot.

doktornotor · Sep 16, 2013, 5:30 PM

Peer-to-Peer is for site-to-site connection. Cannot see what are you trying to do here with the Android phone.

kejianshi · Sep 16, 2013, 5:59 PM

I'm going to sort this later on team viewer…

m4f1050 · Sep 16, 2013, 11:27 PM

Actually I already did. I had forgotten to open up UDP port 1195 on my modem, stupid me! At first I changed the 1194 OpenVPN setting to TUN from TAP but since I couldn't get it to work at first I created a 2nd OpenVPN server (1195) and I never opened the port. I'm using the TUN as a "TAP" on my Excite 10. I can now see the local network (LAN) on my pfSense from my Excite connected via OpenVPN Connection (non-root)

kejianshi · Sep 16, 2013, 11:26 PM

Thats good - Now you are like everyone else. Boring huh?

m4f1050 · Sep 16, 2013, 11:28 PM

@kejianshi:

Thats good - Now you are like everyone else. Boring huh?

LOL… I know right..? I wanted to play with VoIP next...! >:- )

kejianshi · Sep 16, 2013, 11:31 PM

VOIP - Yippie! That never causes anyone hardship. :P

kejianshi · Sep 16, 2013, 11:34 PM

If you are going to run a SIP server, remember to forward port 5060 OK? I read some places it helps.