No internet from units inside LAN when TUN bridge is up

Stefanth · Post by **Stefanth** » Wed Jan 12, 2011 7:09 am

Hi

I have a working tun connection between my laptop and my home network.

The home network consist of a router (dlink-825 with openwrt and openvpn server) and a NAS.

The router also acts as DHCP server for the homenetwork

When I am outside the home network and open the bridge I can access all units on
the home network as if I was sitting at home.

I can also surfing from the laptop, using ftp etc. etc. as if everything was normal.

However, if I SSH into my NAS and try to ping an external site or use wget to download files
this does not work, both the ping and wget is "hanging".

Is this normal behaviour or have I configured the tun bridge wrong.

If the tun bridge is up and running, will all other units inside the router (with openvpn server)
be automatically disabled from WAN access ?

/Stefan

Post by **krzee** » Wed Jan 12, 2011 7:27 am

since you said lan connectivity works, i know you meant TAP bridge

did you check that the server machine still has a default gateway after making the bridge?
this could just be a matter of adding a line to your bridge script to add the gateway

Stefanth · Post by **Stefanth** » Wed Jan 12, 2011 10:32 am

Hi

Could be, because when I on the laptop enter ipconfig in the command window
I do not have anything on the "Standard-gateway" line on the "connection group"
where my 10..... number is.

I have configured the bridge so all HTTP request from my laptop should go via my home lan router

Here is my client configuration file

Code: Select all

client
proto udp
dev tun

mssfix 1400

remote xxx.xxx.xxx 1194
resolv-retry infinite
nobind

ca ca.crt
cert MiklaClient1.crt
key MiklaClient1.key
dh dh1024.pem


persist-key
persist-tun

# comp-lzo
verb 3

This is my server configuration file

Code: Select all


mode server
tls-server

port 1194
proto udp
dev tun

mssfix 1400

#Certificates
ca /etc/easy-rsa/keys/ca.crt
cert /etc/easy-rsa/keys/simply.dyndns.org.crt
key /etc/easy-rsa/keys/simply.dyndns.org.key
dh /etc/easy-rsa/keys/dh1024.pem

server 10.0.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.1.1"

persist-key
persist-tun

max-clients 3

#comp-lzo

verb 3
keepalive 10 120
log-append /var/log/openvpn/openvpn.log

ipconfig on my laptop

Code: Select all

Ethernet-connection Connected to local network 2:

   Connectionspecific DNS-suffix . :
   Linklocal IPv6-adress . . . . . . : xxxx::xxxx:xxxx:xxxx:xxxx
   IPv4-adress . . . . . . . . . . . : 10.0.0.6
   Netfilter. . . . . . . . . . . . . : 255.255.255.252
   Standard-gateway. . . . . . . . . :

Ethernet-connection Connected to local network:

   Connectionspecific DNS-suffix . : bredbandsbolaget.se
   Linklocal IPv6-adress . . . . . . : xxxx::xxxx:xxxx:xxxx:xxxx
   IPv4-adress . . . . . . . . . . . : 85.230.203.34
   Netfilter. . . . . . . . . . . . . : 255.255.240.0
   Standard-gateway. . . . . . . . . : 85.230.224.1

/Stefan

Post by **krzee** » Thu Jan 13, 2011 8:02 am

are you sure you need mssfix 1400? (do you know why you have this / what it does? if not comment them out of both configs)

ok, this is tun, but not a bridge (topic threw me off)!

did you NAT the vpn subnet in the router?
you need to =]

OpenVPN Support Forum

No internet from units inside LAN when TUN bridge is up

No internet from units inside LAN when TUN bridge is up

Re: No internet from units inside LAN when TUN bridge is up

Re: No internet from units inside LAN when TUN bridge is up

Re: No internet from units inside LAN when TUN bridge is up