TAP interface not carrying layer 2

Posted: Thu May 27, 2010 4:56 am
by HoboSteaux
Hey,

I have an OpenVPN server that is currently configured as a TAP device, with the intention of playing LAN games with my friends. Currently it is not bridging any broadcast packets (layer 2), but works otherwise. This is the topology:

Remote Client <--> Web <-----> Router <-----> Local Client
(W/OpenVPN)     <- TAP ->  (OpenVPN Server)    (W/O OpenVPN)
192.168.2.50-99             192.168.2.1       192.168.2.100-255

My setup has it set so all members of my local network do not have to have OpenVPN installed, with my router having the OpenVPN server residing on it (dd-wrt). Both the LAN and TAP have the same subnet mask of 255.255.255.0.

Here is my server config:

mode server
proto udp
port 1194
dev tap0
daemon

dh /tmp/openvpn/dh.pem 
ca /tmp/openvpn/ca.crt 
cert /tmp/openvpn/cert.pem 
key /tmp/openvpn/key.pem
duplicate-cn

keepalive 10 120
client-to-client
verb 6
management localhost 5001

server-bridge 192.168.2.1 255.255.255.0 192.168.2.50 192.168.2.99
ifconfig 192.168.2.1 255.255.255.0
push "dhcp-option DNS 192.168.2.1"
push "route-gateway 192.168.2.1"
push "route 192.168.2.0 255.255.255.0 192.168.2.1"

And the client config:

client
dev tap0
remote [my ip] 1194
nobind
persist-key
persist-tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\key\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\key\\client1.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\key\\client1.key"
cipher BF-CBC
verb 5
float
dev-node "Local Area Connection 2"

My startup and firewall:

openvpn --mktun --dev tap0 
brctl addif br0 tap0 
ifconfig tap0 0.0.0.0 promisc up 
iptables -I INPUT -p udp --dport 1194 -j ACCEPT

My routing table:

10.36.36.1	255.255.255.255	0.0.0.0	ppp0
192.168.2.0	255.255.255.0	0.0.0.0	LAN & WLAN
192.168.2.0	255.255.255.0	0.0.0.0	tap0
169.254.0.0	255.255.0.0	0.0.0.0	LAN & WLAN
0.0.0.0	0.0.0.0	10.36.36.1	ppp0

I really appreciate any direction which you can offer me, I am still fairly new to networking and will research any topic if I know what I am looking for.

HoboSteaux
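
Added example (not part of the original post and not OpenVPN project code): a small Python check that reads a bridged-server config like the one posted above and reports directives that conflict with bridging (`ifconfig` on the bridged tap, a pushed route for the on-link subnet) or that loosen access (`duplicate-cn`, a `management` port without a password file, `client-to-client`). The `audit` function and its finding names are hypothetical, and the sample config is constructed from the post's directives.

```python
import ipaddress
import shlex

# Constructed sample: directives taken from the server config in the post above.
SAMPLE = """\
dev tap0
duplicate-cn
client-to-client
management localhost 5001
server-bridge 192.168.2.1 255.255.255.0 192.168.2.50 192.168.2.99
ifconfig 192.168.2.1 255.255.255.0
push "route 192.168.2.0 255.255.255.0 192.168.2.1"
"""

def parse(text):
    """Tokenise an OpenVPN config, skipping blank lines and '#' / ';' comments."""
    lines = (ln.strip() for ln in text.splitlines())
    return [shlex.split(ln) for ln in lines if ln and ln[0] not in "#;"]

def audit(text):
    """Return {finding_id: reason}; the ids are hypothetical names for this example."""
    cfg = parse(text)
    first = {d[0]: d for d in reversed(cfg)}  # first occurrence of each directive
    found = {}
    bridge = first.get("server-bridge", [])
    if len(bridge) == 5:  # form: server-bridge gateway netmask pool-start pool-end
        net = ipaddress.ip_network(f"{bridge[1]}/{bridge[2]}", strict=False)
        if not first.get("dev", ["dev", ""])[-1].startswith("tap"):
            found["bridge-without-tap"] = "server-bridge needs a tap device"
        if "ifconfig" in first:
            found["ifconfig-on-tap"] = "the LAN address belongs on br0, not on tap0"
        if not all(ipaddress.ip_address(a) in net for a in bridge[3:]):
            found["pool-outside-subnet"] = "client pool is not inside the bridged subnet"
        for d in cfg:
            arg = d[1].split() if d[0] == "push" and len(d) > 1 else []
            if len(arg) >= 3 and arg[0] == "route" and \
                    ipaddress.ip_network(f"{arg[1]}/{arg[2]}", strict=False) == net:
                found["push-route-onlink"] = "bridged clients are already on this subnet"
    if "duplicate-cn" in first:
        found["duplicate-cn"] = "several clients may connect with one certificate"
    if len(first.get("management", [""] * 4)) < 4:
        found["management-no-password"] = "management port has no password file"
    if "client-to-client" in first:
        found["client-to-client"] = "frames between clients never reach the router firewall"
    return found

if __name__ == "__main__":
    for key, why in audit(SAMPLE).items():
        print(f"{key}: {why}")
```

Only the four-address form of `server-bridge` used in the post is checked; a config without it gets the access-related findings only.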

Re: TAP interface not carrying layer 2

Posted: Thu May 27, 2010 5:52 am
by krzee
helped user in IRC

[01:22] <krzie> *shrug* what is your goal?
[01:22] <HoboSteaux> play games over the vpn
[01:22] <krzie> you need a bridge
[01:23] <krzie> !bridge
[01:23] <vpnHelper> krzie: "bridge" is (#1) http://openvpn.net/index.php/documentat ... ml#bridge1, or (#2) http://openvpn.net/index.php/documentat ... dging.html, or (#3) Bridging looks like a good choice to people who don't know how to set up IP routing, but to learn routing is generally far better., or (#4) useful for anything where the protocol uses MAC addresses instead of IP addresses.
[01:23] <vpnHelper> krzie: (but not samba, see !wins)
[01:23] <HoboSteaux> ty
[01:23] <krzie> np
[01:26] <HoboSteaux> so my config file will not have a 'server' line in it then
[01:26] <HoboSteaux> 'mode server'
[01:26] <krzie> see --server-bridge
[01:26] <krzie> !man
[01:26] <vpnHelper> krzie: "man" is (#1) http://openvpn.net/man for 2.0 manual, or (#2) http://openvpn.net/man-beta.html for 2.1 manual, or (#3) the man pages are your friend!
[01:49] <HoboSteaux> krzie: the vpn was configured perfectly and working, it just wasn't bridged on his end
[01:49] <HoboSteaux> ty
[01:50] <krzie> yw