Trouble setting up OpenVPN appliance in bridged mode

Post by georgem » Tue Feb 22, 2011 10:32 pm

Hi all,

I'm very eager to get my new OpenVPN AS appliance working but have run into trouble at the first hurdle. Am trying to set up the machine using a single NIC and bridging to the LAN as a first step but getting nowhere fast :-/

The architecture is as follows:

Remote Linux client ---->   Firewall forwarding UDP port -------> OpenVPN AS
                                                            |
                                                            |
                                                             ---> Windows DHCP server

I am able to connect with a remote client but tap0 never gets an IP from the DHCP server. I have looked for server.config to post but can't find it anywhere - is it located somewhere strange on the appliance install? Have also tried assigning an address to tap0 manually on the client but that doesn't seem to help.

The output on the client is as follows:

user@machine:~$ sudo openvpn --config Desktop/client.ovpn 
[sudo] password for user: 
Tue Feb 22 22:10:50 2011 OpenVPN 2.1.0 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 12 2010
Enter Auth Username:openvpn
Enter Auth Password:
Tue Feb 22 22:10:53 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Feb 22 22:10:53 2011 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Tue Feb 22 22:10:53 2011 Control Channel Authentication: tls-auth using INLINE static key file
Tue Feb 22 22:10:53 2011 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Feb 22 22:10:53 2011 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Feb 22 22:10:53 2011 LZO compression initialized
Tue Feb 22 22:10:53 2011 Control Channel MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ]
Tue Feb 22 22:10:53 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Tue Feb 22 22:10:53 2011 Local Options hash (VER=V4): '13a273ba'
Tue Feb 22 22:10:53 2011 Expected Remote Options hash (VER=V4): '360696c5'
Tue Feb 22 22:10:53 2011 Socket Buffers: R=[114688->200000] S=[114688->200000]
Tue Feb 22 22:10:53 2011 UDPv4 link local: [undef]
Tue Feb 22 22:10:53 2011 UDPv4 link remote: [AF_INET]1.1.1.1:1194
Tue Feb 22 22:10:53 2011 TLS: Initial packet from [AF_INET]1.1.1.1:1194, sid=f9c219e0 a9858c8a
Tue Feb 22 22:10:53 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Feb 22 22:10:53 2011 Replay-window backtrack occurred [2]
Tue Feb 22 22:10:59 2011 VERIFY OK: depth=1, /CN=OpenVPN_CA
Tue Feb 22 22:10:59 2011 VERIFY OK: nsCertType=SERVER
Tue Feb 22 22:10:59 2011 VERIFY OK: depth=0, /CN=OpenVPN_Server
Tue Feb 22 22:11:01 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Feb 22 22:11:01 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Feb 22 22:11:01 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Feb 22 22:11:01 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Feb 22 22:11:01 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Feb 22 22:11:01 2011 [OpenVPN_Server] Peer Connection Initiated with [AF_INET]1.1.1.1:1194
Tue Feb 22 22:11:03 2011 SENT CONTROL [OpenVPN_Server]: 'PUSH_REQUEST' (status=1)
Tue Feb 22 22:11:03 2011 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,route-gateway dhcp,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,redirect-private local,redirect-private bypass-dhcp,comp-lzo no'
Tue Feb 22 22:11:03 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.1.0)
Tue Feb 22 22:11:03 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.1.0)
Tue Feb 22 22:11:03 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.1.0)
Tue Feb 22 22:11:03 2011 OPTIONS IMPORT: timers and/or timeouts modified
Tue Feb 22 22:11:03 2011 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Feb 22 22:11:03 2011 OPTIONS IMPORT: LZO parms modified
Tue Feb 22 22:11:03 2011 OPTIONS IMPORT: route options modified
Tue Feb 22 22:11:03 2011 OPTIONS IMPORT: route-related options modified
Tue Feb 22 22:11:03 2011 ROUTE default_gateway=192.168.48.1
Tue Feb 22 22:11:03 2011 TUN/TAP device tap0 opened
Tue Feb 22 22:11:03 2011 TUN/TAP TX queue length set to 100
Tue Feb 22 22:11:08 2011 NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing
Tue Feb 22 22:11:08 2011 Initialization Sequence Completed

Sorry for the newb questions, and I realise that this post is likely short on detail, please let me know what you need to know and will update asap.

TIA! :)

George
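
Added example (not part of the original posts and not OpenVPN project code): a small Python audit of the client log posted above, listing which pushed options the 2.1.0 client rejected versus kept and flagging the negotiated crypto parameters. The function name `audit` and the policy values `MIN_RSA_BITS` and `BLOCK64_CIPHERS` are assumptions of this example.

```python
import re

# Lines copied from the client log in the post above.
SAMPLE_LOG = """\
Tue Feb 22 22:11:01 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Feb 22 22:11:01 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Feb 22 22:11:03 2011 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,route-gateway dhcp,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 5,ping-restart 40,redirect-private local,redirect-private bypass-dhcp,comp-lzo no'
Tue Feb 22 22:11:03 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.1.0)
Tue Feb 22 22:11:03 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.1.0)
Tue Feb 22 22:11:03 2011 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.1.0)
"""

PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,([^']*)'")
REJECT_RE = re.compile(r"Options error: .* in \[PUSH-OPTIONS\]:(\d+): (\S+)")
CIPHER_RE = re.compile(r"Data Channel Encrypt: Cipher '([^']+)' initialized with (\d+) bit key")
TLS_RE = re.compile(r"Control Channel: .*, (\d+) bit RSA")

# Policy values below are this example's assumptions, not OpenVPN defaults.
MIN_RSA_BITS = 2048
BLOCK64_CIPHERS = {"BF-CBC", "DES-EDE3-CBC"}  # ciphers with a 64-bit block size


def audit(log):
    """Summarise rejected/kept pushed options and negotiated crypto from a client log."""
    pushed, rejected, findings = [], {}, []
    for line in log.splitlines():
        if m := PUSH_RE.search(line):
            pushed = m.group(1).split(",")
        elif m := REJECT_RE.search(line):
            rejected[int(m.group(1))] = m.group(2)
        elif m := CIPHER_RE.search(line):
            if m.group(1) in BLOCK64_CIPHERS:
                findings.append(f"data channel uses 64-bit block cipher {m.group(1)}")
        elif m := TLS_RE.search(line):
            if int(m.group(1)) < MIN_RSA_BITS:
                findings.append(f"control channel RSA key is {m.group(1)} bits")
    # In this log, [PUSH-OPTIONS]:N matches the option's 1-based position in PUSH_REPLY.
    for pos, name in rejected.items():
        if pos > len(pushed) or pushed[pos - 1].split()[0] != name:
            raise ValueError(f"rejected option {name!r} not at position {pos}")
    applied = [opt for i, opt in enumerate(pushed, 1) if i not in rejected]
    return {"rejected": [rejected[p] for p in sorted(rejected)],
            "applied": applied, "findings": findings}


if __name__ == "__main__":
    for key, value in audit(SAMPLE_LOG).items():
        print(key, value)
```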

Post by maikcat » Wed Feb 23, 2011 7:23 am

Hi georgem,

Sorry to inform you that this forum is for the OpenVPN open-source version only, not for the AS version.

Cheers,

michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera, Simpsons Season 13)

"objects in mirror are losing"