Site-to-site vpn

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
tqb
OpenVpn Newbie
Posts: 15
Joined: Fri May 08, 2020 6:36 am

Site-to-site vpn

Post by tqb » Thu May 28, 2020 10:23 am

I try this: https://openvpn.net/vpn-server-resource ... ess-server

I have two separate privat network. Router I use is Openwrt. Both privat network work properly, connection to internet work properly.

I build Access server and it works also properly. I build it to cloud server. All works, public ip, network, all.

I have two privat network, and I want connect it together via Access Server. Networks are really separate, many kilometer away.

First network LAN is 10.15.0.0/22. Default gateway, address of the router is 10.15.0.1. DHCP pool 10.15.1.1...10.15.1.254. (10.15.2.1...254 for spare...). Second network is identical BUT LAN ip is 10.16.0.0./22, 10.16.0.1, 10.16.1.1...10.16.1.254. AND YES, "eth0" and "eth1" is really clear and right... I am sure anyone say "this is wrong" so I say "not". Eth0=LAN, Eth1=WAN, and reason I use Openwrt it need 5 minutes change eth1=wan, eth0=LAN and change cables if this is problem.

So I want bridge this two network as one network.

https://openvpn.net/vpn-server-resource ... ess-server

This is VERY clear. But step 4: bridge_up.sh... "Also, change the IP address and subnet mask to a static IP you want to assign to the bridge (this IP address and subnet should be one that is located on the remote site you are trying to bridge). " bridge_up.sh is this: https://docs.openvpn.net/wp-content/upl ... idge-up.sh

QUESTION IS, HOW to change the ip and the mask in bridge_up.sh?

bridge_up.sh:
.....
echo Turning promiscuous mode on for TAP interface $tap...
ifconfig $tap 0.0.0.0 promisc up
echo Turning promiscuous mode on for Ethernet interface $eth...
ifconfig $eth 0.0.0.0 promisc up
....

No any information explain this step 4: "change the ip and subnet mask...". Now I test and try and google three days. This "step 4, ip and mask" is problem and this page does not explain it. ifconfig $tap 0.0.0.0 promisc up.... and ifconfig $eth 0.0.0.0 promisc up... I try change this ip as 10.15.0.0, 10.15.0.1 and all possible combinations. So: this step 4 "change the ip and subnet mask" is unpossible reason no information what must put it.

After changing ip:s, "restart" and "ifconfig br0", this say "ifconfig: br0: error fetching interface information: Device not found".

Any idea? I asked this also from openvpn support, but they have no any idea what this "step 4" mean. They cannot tell me how add this step-4 "ip and mask" to bridge_up.sh. Anyone know? Or is this step 4 any misinformation? Question is simply, but maybe problem is unpossible solve? Answer is "it is not possible change bridge_up.sh ip&mask, sorry, this step-4-information is fool and misinformation"?

tqb
OpenVpn Newbie
Posts: 15
Joined: Fri May 08, 2020 6:36 am

Re: Site-to-site vpn

Post by tqb » Thu May 28, 2020 12:32 pm

Additional information:

/etc/config/network file contain next (shortly)
config interface 'looback', lo, static, 127.0.01,255.0.0.0 (standard default)
config interface globals (default)
config interface lan, bridge, eth0, static, 10.15.0.1, 255.255.252.0
config interface wan, eth1 dhcp
(And this all in it cute right fine text not as here).

inconfig br0 no device. Ifconfig -a show br-lan, eth1, eth0 and lo.

---> maybe must force this "br0" to any place. How?

Post Reply