From: "Денис Ягофаров" <denyago@rambler.ru>
To: sysadmins@lists.altlinux.org
Subject: [Sysadmins] Opnvpn в режиме bridged
Date: Fri, 18 Jan 2008 14:27:20 +0200
Message-ID: <47909B28.4050207@rambler.ru> (raw)
[-- Attachment #1: Type: text/plain, Size: 1821 bytes --]
Добрый день.
Пробую поднять openvpn в режиме bridged.
В режиме routed всё отлично работает.
Вот конфиг:
port 31194
proto tcp
dev tap
#dev-node tap0
ca /etc/openvpn/keys/ca.cert
cert /etc/openvpn/keys/server.cert
key /etc/openvpn/keys/server.key # This file should be kept secret!
dh /etc/openvpn/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
# Configure server mode for ethernet bridging.
# You must first use your OS's bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface, here we
# assume 10.8.0.4/255.255.255.0. Finally we
# must set aside an IP range in this subnet
# (start=10.8.0.50 end=10.8.0.100) to allocate
# to connecting clients. Leave this line commented
# out unless you are ethernet bridging.
server-bridge 192.168.100.250 255.255.0.0 192.168.100.50 192.168.100.98
push "route 192.168.10.0 255.255.255.0"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
В комментариях к конфигу говорится:
# You must first use your OS's bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface
Для этого я использую вот этот скрипт
http://openvpn.net/bridge.html#linuxscript
Вот только когда запускается сервис, он использует tap1
и не находит никаких tap0. Такого устройства и я те ненахожу.... в
отличии от
/dev/net/tup.
Так как создать tap0 до старта openvpn и заставить сервиз использовать его?
[-- Attachment #2: denyago.vcf --]
[-- Type: text/x-vcard, Size: 279 bytes --]
begin:vcard
fn:Denis Timurovich Yagofarov
n:Yagofarov;Denis Timurovich
org:ITGIS NASU
adr:room 615;;Chokolovski sqr., 13;Kiev;;03151;Ukraine
email;internet:denyago@rambler.ru
title:system administrator
tel;work:80442480755
x-mozilla-html:FALSE
version:2.1
end:vcard
next reply other threads:[~2008-01-18 12:27 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-18 12:27 Денис Ягофаров [this message]
2008-01-18 20:06 ` Nikolay A. Fetisov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47909B28.4050207@rambler.ru \
--to=denyago@rambler.ru \
--cc=sysadmins@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
ALT Linux sysadmins discussion
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \
sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com
public-inbox-index sysadmins
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.sysadmins
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git