OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Bridging internal VMware lab and internal clients

https://forums.openvpn.net/viewtopic.php?t=1423

Page 1 of 1

Bridging internal VMware lab and internal clients

Posted: Thu Nov 05, 2009 9:45 pm
by larrywl
noob to OpenVPN. I need to create a VMware lab environment within our corporate network, which must be on a separate subnet from the rest of the network. A couple of staff need to access this virtual lab from within the corporate network (not through the Internet), and must use tools on their desktops to "touch" the lab machines (hence the need for a VPN connection). I would like to create a bridged OpenVPN configuration.

Lots of questions!

1) Where do I put the OpenVPN server? Within the lab ("private" subnet) or on the subnet with the staff?
(At this point, I don't even know what type of VM environment to use - Bridged, NAT, or HostOnly!)
2) Depending on the VM environment, would the OpenVPN server possibly need to have 2 nics assigned (1 for the VPN and 1 for the non-private subnet)?
3) I presume that I would use TAP and not TUN?

I've played with various configurations for the last 2 days, and despite having various degrees of success, I never quite get to the point where I get a tunnel going. I've read about lots of "gotchas", such as having to manually persuade VMware to put a bridged adapter into promiscuous mode, and now believe that I've started to overthink the whole process.

Any thoughts, directions, examples, hand-written notes on napkins, etc. would be appreciated!

Additional info: The OpenVPN server for the lab network is Windows (the lab has various Linux and Windows machines). The clients would be Ubuntu Linux.

Re: Bridging internal VMware lab and internal clients

Posted: Fri Nov 06, 2009 5:17 pm
by ecrist
Welcome!
Where do I put the OpenVPN server? Within the lab ("private" subnet) or on the subnet with the staff?
(At this point, I don't even know what type of VM environment to use - Bridged, NAT, or HostOnly!)
The server will be the door to the private subnet. As such, it will exist on both the staff LAN and the private/test LAN.
2) Depending on the VM environment, would the OpenVPN server possibly need to have 2 nics assigned (1 for the VPN and 1 for the non-private subnet)?
Yes. If it were my setup, NIC1 would be the test LAN, NIC2 would be the staff LAN. In your case, I would use TAP and bridge tap0 and NIC1.
3) I presume that I would use TAP and not TUN?
I would, in your case, but TUN would work fine, as well.

I would recommend Linux as the OpenVPN server (FreeBSD, actually), as it's easier to configure bridging and such, in my experience. With the bridge setup above, your staff will have an IP on the test LAN, so no routing there to worry about.

Re: Bridging internal VMware lab and internal clients

Posted: Fri Nov 06, 2009 10:00 pm
by larrywl
Thank you for the response. I've attempted to change my configurations to match the suggestions above, but still do not make a connection. I will try to post my configurations logically here to see if my (probably simple) configuration error(s) can be pointed out:

1) Internal "staff" network (the normal network that we run from day-to-day). These systems will be the VPN clients:
IP subnet: 192.168.102.x
Gateway: 192.168.102.254

client.ovpn:

Code: Select all

client
dev tap
remote UbuntuVPN.xxx.xxx 1194
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1
cipher BF-CBC
comp-lzo
verb 6
2) The OpenVPN server (UbuntuVPN):
nic1 / eth0 (configured under VMware as "Bridged") -> This is the private "lab" network
IP address: 172.16.199.201

nic2 / eth1 (configured under VMware as "NAT") (I also tried "Host Only") -> This is in the normal "staff" network"
IP address: 192.168.102.64

Here is the interfaces config:

Code: Select all

auto lo br0
iface lo inet loopback
iface br0 inet static
  address 172.16.199.201
  netmask 255.255.255.0
  gateway 172.16.199.2
  bridge_ports ports eth0
  bridge_fc 9
  bridge_hello 2
  bridge_maxage 12
  bridge_stp off

iface eth0 inet manual
  up ifconfig $IFACE 0.0.0.0 up
  up ip link set $IFACE promisc on
  down ip link set $IFACE promisc off
  down ifconfig $IFACE down
(I also found and followed instructions to manually set the VMware switch to promiscuous mode)

server.conf

Code: Select all

mode server
tls-server
local 172.16.199.201
port 1194
proto udp
dev tap1
up "/etc/openvpn/up.sh br0"
down "/etc/openvpn/down.sh bro"
persist-key
persist-tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
tls-auth ta.key 0
cipher BF-CBC
comp-lzo
ifconfig-pool-persist ipp.txt
server-bridge 192.168.102.59 255.255.255.0 192.168.102.240 192.168.102.242
push "dhcp-option 192.168.0.20"
puch "dhcp-option xxx.xxx"
max-clients 4
client-to-client
user nobody
group nogroup
keepalive 10 120
status openvpn-status.log
verb 3
management localhost 7505
Here is the client.log when trying to establish the VPN session:

Code: Select all

Fri Nov 06 16:00:32 2009 us=147417 Current Parameter Settings:
Fri Nov 06 16:00:32 2009 us=147466   config = 'client.ovpn'
Fri Nov 06 16:00:32 2009 us=147477   mode = 0
Fri Nov 06 16:00:32 2009 us=147486   show_ciphers = DISABLED
Fri Nov 06 16:00:32 2009 us=147495   show_digests = DISABLED
Fri Nov 06 16:00:32 2009 us=147505   show_engines = DISABLED
Fri Nov 06 16:00:32 2009 us=147514   genkey = DISABLED
Fri Nov 06 16:00:32 2009 us=147523   key_pass_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147532   show_tls_ciphers = DISABLED
Fri Nov 06 16:00:32 2009 us=147540   proto = 0
Fri Nov 06 16:00:32 2009 us=147549   local = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147560   remote_list[0] = {'UbuntuVPN.xxx.xxx', 1194}
Fri Nov 06 16:00:32 2009 us=147569   remote_random = DISABLED
Fri Nov 06 16:00:32 2009 us=147578   local_port = 1194
Fri Nov 06 16:00:32 2009 us=147587   remote_port = 1194
Fri Nov 06 16:00:32 2009 us=147596   remote_float = DISABLED
Fri Nov 06 16:00:32 2009 us=147605   ipchange = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147614   bind_local = DISABLED
Fri Nov 06 16:00:32 2009 us=147623   dev = 'tap'
Fri Nov 06 16:00:32 2009 us=147632   dev_type = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147641   dev_node = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147650   tun_ipv6 = DISABLED
Fri Nov 06 16:00:32 2009 us=147659   ifconfig_local = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147668   ifconfig_remote_netmask = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147679   ifconfig_noexec = DISABLED
Fri Nov 06 16:00:32 2009 us=147688   ifconfig_nowarn = DISABLED
Fri Nov 06 16:00:32 2009 us=147696   shaper = 0
Fri Nov 06 16:00:32 2009 us=147705   tun_mtu = 1500
Fri Nov 06 16:00:32 2009 us=147714   tun_mtu_defined = ENABLED
Fri Nov 06 16:00:32 2009 us=147723   link_mtu = 1500
Fri Nov 06 16:00:32 2009 us=147732   link_mtu_defined = DISABLED
Fri Nov 06 16:00:32 2009 us=147741   tun_mtu_extra = 32
Fri Nov 06 16:00:32 2009 us=147750   tun_mtu_extra_defined = ENABLED
Fri Nov 06 16:00:32 2009 us=147760   fragment = 0
Fri Nov 06 16:00:32 2009 us=147769   mtu_discover_type = -1
Fri Nov 06 16:00:32 2009 us=147777   mtu_test = 0
Fri Nov 06 16:00:32 2009 us=147786   mlock = DISABLED
Fri Nov 06 16:00:32 2009 us=147795   keepalive_ping = 0
Fri Nov 06 16:00:32 2009 us=147804   keepalive_timeout = 0
Fri Nov 06 16:00:32 2009 us=147813   inactivity_timeout = 0
Fri Nov 06 16:00:32 2009 us=147828   ping_send_timeout = 0
Fri Nov 06 16:00:32 2009 us=147838   ping_rec_timeout = 120
Fri Nov 06 16:00:32 2009 us=147848   ping_rec_timeout_action = 2
Fri Nov 06 16:00:32 2009 us=147857   ping_timer_remote = DISABLED
Fri Nov 06 16:00:32 2009 us=147866   remap_sigusr1 = 0
Fri Nov 06 16:00:32 2009 us=147876   explicit_exit_notification = 0
Fri Nov 06 16:00:32 2009 us=147885   persist_tun = ENABLED
Fri Nov 06 16:00:32 2009 us=147894   persist_local_ip = DISABLED
Fri Nov 06 16:00:32 2009 us=147904   persist_remote_ip = DISABLED
Fri Nov 06 16:00:32 2009 us=147913   persist_key = ENABLED
Fri Nov 06 16:00:32 2009 us=147922   mssfix = 1450
Fri Nov 06 16:00:32 2009 us=147931   resolve_retry_seconds = 1000000000
Fri Nov 06 16:00:32 2009 us=147941   connect_retry_seconds = 5
Fri Nov 06 16:00:32 2009 us=147950   username = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147959   groupname = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147968   chroot_dir = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147977   cd_dir = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147986   writepid = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=147995   up_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=148005   down_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=148014   down_pre = DISABLED
Fri Nov 06 16:00:32 2009 us=148023   up_restart = DISABLED
Fri Nov 06 16:00:32 2009 us=148032   up_delay = DISABLED
Fri Nov 06 16:00:32 2009 us=148041   daemon = DISABLED
Fri Nov 06 16:00:32 2009 us=148050   inetd = 0
Fri Nov 06 16:00:32 2009 us=148058   log = DISABLED
Fri Nov 06 16:00:32 2009 us=148067   suppress_timestamps = DISABLED
Fri Nov 06 16:00:32 2009 us=148077   nice = 0
Fri Nov 06 16:00:32 2009 us=148086   verbosity = 6
Fri Nov 06 16:00:32 2009 us=224650   mute = 0
Fri Nov 06 16:00:32 2009 us=224674   gremlin = 0
Fri Nov 06 16:00:32 2009 us=224691   status_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=224701   status_file_version = 1
Fri Nov 06 16:00:32 2009 us=224711   status_file_update_freq = 60
Fri Nov 06 16:00:32 2009 us=224720   occ = ENABLED
Fri Nov 06 16:00:32 2009 us=224730   rcvbuf = 0
Fri Nov 06 16:00:32 2009 us=224739   sndbuf = 0
Fri Nov 06 16:00:32 2009 us=224749   socks_proxy_server = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=224775   socks_proxy_port = 0
Fri Nov 06 16:00:32 2009 us=224800   socks_proxy_retry = DISABLED
Fri Nov 06 16:00:32 2009 us=224818   fast_io = DISABLED
Fri Nov 06 16:00:32 2009 us=224831   comp_lzo = ENABLED
Fri Nov 06 16:00:32 2009 us=224841   comp_lzo_adaptive = ENABLED
Fri Nov 06 16:00:32 2009 us=224851   route_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=224861   route_default_gateway = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=224871   route_noexec = DISABLED
Fri Nov 06 16:00:32 2009 us=239669   route_delay = 0
Fri Nov 06 16:00:32 2009 us=239687   route_delay_window = 30
Fri Nov 06 16:00:32 2009 us=239697   route_delay_defined = ENABLED
Fri Nov 06 16:00:32 2009 us=239707   management_addr = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=239716   management_port = 0
Fri Nov 06 16:00:32 2009 us=239725   management_user_pass = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=239735   management_log_history_cache = 250
Fri Nov 06 16:00:32 2009 us=239745   management_echo_buffer_size = 100
Fri Nov 06 16:00:32 2009 us=239755   management_query_passwords = DISABLED
Fri Nov 06 16:00:32 2009 us=239765   management_hold = DISABLED
Fri Nov 06 16:00:32 2009 us=239774   shared_secret_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=239784   key_direction = 2
Fri Nov 06 16:00:32 2009 us=239793   ciphername_defined = ENABLED
Fri Nov 06 16:00:32 2009 us=239802   ciphername = 'BF-CBC'
Fri Nov 06 16:00:32 2009 us=239813   authname_defined = ENABLED
Fri Nov 06 16:00:32 2009 us=256238   authname = 'SHA1'
Fri Nov 06 16:00:32 2009 us=256256   keysize = 0
Fri Nov 06 16:00:32 2009 us=256271   engine = DISABLED
Fri Nov 06 16:00:32 2009 us=256291   replay = ENABLED
Fri Nov 06 16:00:32 2009 us=256305   mute_replay_warnings = DISABLED
Fri Nov 06 16:00:32 2009 us=256321   replay_window = 64
Fri Nov 06 16:00:32 2009 us=256331   replay_time = 15
Fri Nov 06 16:00:32 2009 us=256341   packet_id_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=256349   use_iv = ENABLED
Fri Nov 06 16:00:32 2009 us=256358   test_crypto = DISABLED
Fri Nov 06 16:00:32 2009 us=256367   tls_server = DISABLED
Fri Nov 06 16:00:32 2009 us=256376   tls_client = ENABLED
Fri Nov 06 16:00:32 2009 us=256385   key_method = 2
Fri Nov 06 16:00:32 2009 us=256394   ca_file = 'ca.crt'
Fri Nov 06 16:00:32 2009 us=256404   dh_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=256413   cert_file = 'client.crt'
Fri Nov 06 16:00:32 2009 us=273112   priv_key_file = 'client.key'
Fri Nov 06 16:00:32 2009 us=273140   pkcs12_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=273152   cryptoapi_cert = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=273162   cipher_list = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=273176   tls_verify = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=273202   tls_remote = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=273224   crl_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=273235   ns_cert_type = 64
Fri Nov 06 16:00:32 2009 us=273244   tls_timeout = 2
Fri Nov 06 16:00:32 2009 us=273252   renegotiate_bytes = 0
Fri Nov 06 16:00:32 2009 us=273261   renegotiate_packets = 0
Fri Nov 06 16:00:32 2009 us=273270   renegotiate_seconds = 3600
Fri Nov 06 16:00:32 2009 us=273279   handshake_window = 60
Fri Nov 06 16:00:32 2009 us=273288   transition_window = 3600
Fri Nov 06 16:00:32 2009 us=273297   single_session = DISABLED
Fri Nov 06 16:00:32 2009 us=273306   tls_exit = DISABLED
Fri Nov 06 16:00:32 2009 us=291198   tls_auth_file = 'ta.key'
Fri Nov 06 16:00:32 2009 us=291237   server_network = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291259   server_netmask = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291281   server_bridge_ip = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291293   server_bridge_netmask = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291304   server_bridge_pool_start = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291314   server_bridge_pool_end = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291325   ifconfig_pool_defined = DISABLED
Fri Nov 06 16:00:32 2009 us=291335   ifconfig_pool_start = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291346   ifconfig_pool_end = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291356   ifconfig_pool_netmask = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=291367   ifconfig_pool_persist_filename = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=291378   ifconfig_pool_persist_refresh_freq = 600
Fri Nov 06 16:00:32 2009 us=291388   ifconfig_pool_linear = DISABLED
Fri Nov 06 16:00:32 2009 us=291397   n_bcast_buf = 256
Fri Nov 06 16:00:32 2009 us=309160   tcp_queue_limit = 64
Fri Nov 06 16:00:32 2009 us=309178   real_hash_size = 256
Fri Nov 06 16:00:32 2009 us=309187   virtual_hash_size = 256
Fri Nov 06 16:00:32 2009 us=309212   client_connect_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=309224   learn_address_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=309252   client_disconnect_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=309262   client_config_dir = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=309272   ccd_exclusive = DISABLED
Fri Nov 06 16:00:32 2009 us=309281   tmp_dir = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=309290   push_ifconfig_defined = DISABLED
Fri Nov 06 16:00:32 2009 us=309303   push_ifconfig_local = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=309313   push_ifconfig_remote_netmask = 0.0.0.0
Fri Nov 06 16:00:32 2009 us=309324   enable_c2c = DISABLED
Fri Nov 06 16:00:32 2009 us=309333   duplicate_cn = DISABLED
Fri Nov 06 16:00:32 2009 us=309341   cf_max = 0
Fri Nov 06 16:00:32 2009 us=327655   cf_per = 0
Fri Nov 06 16:00:32 2009 us=327673   max_clients = 1024
Fri Nov 06 16:00:32 2009 us=327683   max_routes_per_client = 256
Fri Nov 06 16:00:32 2009 us=327702   client_cert_not_required = DISABLED
Fri Nov 06 16:00:32 2009 us=327720   username_as_common_name = DISABLED
Fri Nov 06 16:00:32 2009 us=327740   auth_user_pass_verify_script = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=327753   auth_user_pass_verify_script_via_file = DISABLED
Fri Nov 06 16:00:32 2009 us=327763   client = ENABLED
Fri Nov 06 16:00:32 2009 us=327771   pull = ENABLED
Fri Nov 06 16:00:32 2009 us=327780   auth_user_pass_file = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=327793   show_net_up = DISABLED
Fri Nov 06 16:00:32 2009 us=327808   route_method = 0
Fri Nov 06 16:00:32 2009 us=327817   ip_win32_defined = DISABLED
Fri Nov 06 16:00:32 2009 us=327826   ip_win32_type = 3
Fri Nov 06 16:00:32 2009 us=327834   dhcp_masq_offset = 0
Fri Nov 06 16:00:32 2009 us=359844   dhcp_lease_time = 31536000
Fri Nov 06 16:00:32 2009 us=359861   tap_sleep = 0
Fri Nov 06 16:00:32 2009 us=359871   dhcp_options = DISABLED
Fri Nov 06 16:00:32 2009 us=359896   dhcp_renew = DISABLED
Fri Nov 06 16:00:32 2009 us=359906   dhcp_pre_release = DISABLED
Fri Nov 06 16:00:32 2009 us=359926   dhcp_release = DISABLED
Fri Nov 06 16:00:32 2009 us=359937   domain = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=359946   netbios_scope = '[UNDEF]'
Fri Nov 06 16:00:32 2009 us=359954   netbios_node_type = 0
Fri Nov 06 16:00:32 2009 us=359964   disable_nbt = DISABLED
Fri Nov 06 16:00:32 2009 us=359984 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct  1 2006
Fri Nov 06 16:00:32 2009 us=360119 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA.  OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Nov 06 16:00:32 2009 us=362628 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Fri Nov 06 16:00:32 2009 us=377376 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 06 16:00:32 2009 us=377416 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 06 16:00:32 2009 us=377457 LZO compression initialized
Fri Nov 06 16:00:32 2009 us=377571 Control Channel MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ]
Fri Nov 06 16:00:32 2009 us=384583 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Fri Nov 06 16:00:32 2009 us=384682 Local Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client'
Fri Nov 06 16:00:32 2009 us=384699 Expected Remote Options String: 'V4,dev-type tap,link-mtu 1574,tun-mtu 1532,proto UDPv4,comp-lzo,keydir 0,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-server'
Fri Nov 06 16:00:32 2009 us=395068 Local Options hash (VER=V4): '13a273ba'
Fri Nov 06 16:00:32 2009 us=395110 Expected Remote Options hash (VER=V4): '360696c5'
Fri Nov 06 16:00:32 2009 us=395168 Socket Buffers: R=[8192->8192] S=[64512->64512]
Fri Nov 06 16:00:32 2009 us=395197 UDPv4 link local: [undef]
Fri Nov 06 16:00:32 2009 us=395209 UDPv4 link remote: 192.168.102.64:1194
Fri Nov 06 16:00:32 2009 us=395446 UDPv4 WRITE [42] to 192.168.102.64:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 pid=[ #1 ] [ ] pid=0 DATA len=0
Fri Nov 06 16:00:32 2009 us=398214 UDPv4 READ [-1] from [undef]: DATA UNDEF len=-1
Fri Nov 06 16:00:32 2009 us=398689 read UDPv4: Connection reset by peer (WSAECONNRESET) (code=10054)
Fri Nov 06 16:00:32 2009 us=398710 UDPv4 READ [-1] from [undef]: DATA UNDEF len=-1
Fri Nov 06 16:00:34 2009 us=398254 UDPv4 WRITE [42] to 192.168.102.64:1194: P_CONTROL_HARD_RESET_CLIENT_V2
My guess at this point is that I have something wrong in my understanding of how this is going to route via the OpenVPN server. Most of the guides that I've read reference the "normal use" of bridging a single nic on the OpenVPN server and allowing the normal routing between the networks (client <-> client router <-> Internet <-> host's router <-> OpenVPN) and NOT within the same network as I am trying to do (client <-> OpenVPN <-> virtual private network).

Again, any guidance would be greatly appreciated!
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/