Managed connection - Dev Tap - Nothing More

Post by boxrick » Mon Sep 03, 2012 11:23 pm

Simply put, I have created an OpenVPN connection; it connects and authenticates, but then the connection doesn't work.
This is running on a CentOS 6 minimal install. During the testing, iptables and SELinux are disabled, and the ports are mapped and routed correctly; I just believe the connection is not being created properly by the server.

Tunneling is not adequate in this scenario and bridging is required. Any help would be greatly appreciated.

I am attempting to follow this tutorial in general:

http://www.server-world.info/en/note?os ... &p=openvpn

Here are my configs:

Client:

client
dev tap
proto udp
remote  EXTERNAL IP EXTERNALPORT
resolv-retry infinite
nobind
ca HomeBridgeCA.crt
cert HomeBridge.crt
key HomeBridge.key
cipher AES-128-CBC
comp-lzo
mute-replay-warnings

Server.conf:

port INTERNALPORT

proto udp

dev tap0

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem

server-bridge 192.168.1.249 255.255.255.0 192.168.1.71 192.168.1.75

push "route 192.168.1.0 255.255.255.0"

keepalive 10 120

cipher AES-128-CBC   # AES
comp-lzo

persist-key
persist-tun

status /var/log/openvpn-status.log
log /var/log/openvpn.log
log-append /var/log/openvpn.log
verb 3

And finally the top of my bridge start:

#!/bin/sh

#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.1.249"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.1.255"

And an ifconfig output:

br0       Link encap:Ethernet  HWaddr 00:0C:29:68:51:6E
          inet addr:192.168.1.249  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe68:516e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2198 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1508 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:164133 (160.2 KiB)  TX bytes:240144 (234.5 KiB)

eth0      Link encap:Ethernet  HWaddr 00:0C:29:68:51:6E
          inet addr:192.168.1.248  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe68:516e/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:13802 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9148 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1670226 (1.5 MiB)  TX bytes:1380826 (1.3 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:800 (800.0 b)  TX bytes:800 (800.0 b)

tap0      Link encap:Ethernet  HWaddr 5E:BB:E9:93:F9:8B
          inet6 addr: fe80::5cbb:e9ff:fe93:f98b/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:123 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1404 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:13439 (13.1 KiB)  TX bytes:96572 (94.3 KiB)
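
Added example, not part of the original post and not OpenVPN's own script: a check run over ifconfig output like the one above, using the br, tap, eth and eth_ip values from the quoted bridge-start header. It assumes the usual bridged layout, where the bridge holds eth_ip and the member interfaces carry no IPv4 address of their own; the function names and the trimmed sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example: sanity-check a bridged OpenVPN host from net-tools ifconfig output.
# Values as in the bridge-start header quoted in the post.
br="br0"; tap="tap0"; eth="eth0"; eth_ip="192.168.1.249"

# Constructed sample: stanzas trimmed from the ifconfig output in the post.
sample_ifconfig() {
cat <<'EOF'
br0       Link encap:Ethernet  HWaddr 00:0C:29:68:51:6E
          inet addr:192.168.1.249  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe68:516e/64 Scope:Link

eth0      Link encap:Ethernet  HWaddr 00:0C:29:68:51:6E
          inet addr:192.168.1.248  Bcast:192.168.1.255  Mask:255.255.255.0

tap0      Link encap:Ethernet  HWaddr 5E:BB:E9:93:F9:8B
          inet6 addr: fe80::5cbb:e9ff:fe93:f98b/64 Scope:Link
EOF
}

# ipv4_of "IF1 IF2 ...": read ifconfig output on stdin and print "iface addr"
# for every listed interface that has an "inet addr:" line.
ipv4_of() {
    awk -v want="$1" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) sel[w[i]] = 1 }
        /^[^ \t]/ { iface = $1 }            # unindented line opens a new stanza
        /inet addr:/ && (iface in sel) {    # "inet6 addr:" does not match
            split($2, a, ":")               # $2 is "addr:192.168.1.248"
            print iface, a[2]
        }'
}

# check_bridge: read ifconfig output on stdin; return 0 only when the bridge
# holds eth_ip and no member interface has an IPv4 address of its own.
check_bridge() {
    dump=$(cat); rc=0
    got=$(printf '%s\n' "$dump" | ipv4_of "$br" | awk '{ print $2 }')
    if [ "$got" != "$eth_ip" ]; then
        echo "WARN: $br has ${got:-no IPv4 address}, expected $eth_ip"; rc=1
    fi
    stray=$(printf '%s\n' "$dump" | ipv4_of "$eth $tap")
    if [ -n "$stray" ]; then
        echo "WARN: bridge member has its own IPv4 address: $stray"; rc=1
    fi
    return $rc
}

# On a live host: ifconfig | check_bridge
sample_ifconfig | check_bridge || true   # prints the eth0 warning for the sample
```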

Post by maikcat » Tue Sep 04, 2012 7:31 am

Hi there,

Can you connect to the server?! (You are using a DIFFERENT ca file...)

Keep in mind that IP forwarding must be enabled on the server...

What is your client's OS?


Michael.

Post by geek » Tue Jan 28, 2025 9:38 am

Setting up Squid and SquidGuard for domain restrictions was tougher than I expected — especially configuring the blacklist database and permissions. I spent hours troubleshooting why some domains weren’t getting blocked until I realized it was a simple ownership issue with SquidGuard’s directories.

What helped me immensely during this chaos was finding **[Install Cockpit on Debian 12](https://docs.vultr.com/how-to-install-c ... -debian-12)**. Cockpit made monitoring system resources and handling services so much easier. Definitely recommend it if you're trying to streamline server management while dealing with configuration headaches like this!
