Hi there,
When I create a OpenVPN tunnel (dev tun) a ptp NIC device is used to communicate VPN traffic.
If I sniff the server-side tun device and ping from client to server, traffic seems to come from the IP address assigned to the clients tun device.
In order to connect two LANs together this means that I have to NAT traffic. Using "dev tun" is there a way to forward real LAN IP's (those on eth0) to the VPN LAN? Or do I need to bridge tap and eth0 together in order to get "real" IP's to the other side?
Regards,
Hansa
tun or tap?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
gladiatr72
- Forum Team
- Posts: 194
- Joined: Mon Dec 13, 2010 3:51 pm
- Location: Lawrence, KS
Re: tun or tap?
Hansa,
Hello. You're almost right. One option is to have NAT functionality setup for your client subnet. The other method is to add a route on the server network for the client subnet. In a situation where the openvpn server is not the default gateway , you will need to add a route to whatever system is the default gateway to direct traffic for the client network to the openvpn server.
-Stephen
Hello. You're almost right. One option is to have NAT functionality setup for your client subnet. The other method is to add a route on the server network for the client subnet. In a situation where the openvpn server is not the default gateway , you will need to add a route to whatever system is the default gateway to direct traffic for the client network to the openvpn server.
-Stephen
[..]I used to think it was awful that life was so unfair. [...]Wouldn't it be much worse if life were fair, and all the terrible things that happen to us come because we actually deserve them? -Marcus Cole