From: "Денис Ягофаров" <denyago@rambler.ru> To: sysadmins@lists.altlinux.org Subject: [Sysadmins] Opnvpn в режиме bridged Date: Fri, 18 Jan 2008 14:27:20 +0200 Message-ID: <47909B28.4050207@rambler.ru> (raw) [-- Attachment #1: Type: text/plain, Size: 1821 bytes --] Добрый день. Пробую поднять openvpn в режиме bridged. В режиме routed всё отлично работает. Вот конфиг: port 31194 proto tcp dev tap #dev-node tap0 ca /etc/openvpn/keys/ca.cert cert /etc/openvpn/keys/server.cert key /etc/openvpn/keys/server.key # This file should be kept secret! dh /etc/openvpn/keys/dh1024.pem ifconfig-pool-persist ipp.txt # Configure server mode for ethernet bridging. # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface, here we # assume 10.8.0.4/255.255.255.0. Finally we # must set aside an IP range in this subnet # (start=10.8.0.50 end=10.8.0.100) to allocate # to connecting clients. Leave this line commented # out unless you are ethernet bridging. server-bridge 192.168.100.250 255.255.0.0 192.168.100.50 192.168.100.98 push "route 192.168.10.0 255.255.255.0" keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 В комментариях к конфигу говорится: # You must first use your OS's bridging capability # to bridge the TAP interface with the ethernet # NIC interface. Then you must manually set the # IP/netmask on the bridge interface Для этого я использую вот этот скрипт http://openvpn.net/bridge.html#linuxscript Вот только когда запускается сервис, он использует tap1 и не находит никаких tap0. Такого устройства и я те ненахожу.... в отличии от /dev/net/tup. Так как создать tap0 до старта openvpn и заставить сервиз использовать его? [-- Attachment #2: denyago.vcf --] [-- Type: text/x-vcard, Size: 279 bytes --] begin:vcard fn:Denis Timurovich Yagofarov n:Yagofarov;Denis Timurovich org:ITGIS NASU adr:room 615;;Chokolovski sqr., 13;Kiev;;03151;Ukraine email;internet:denyago@rambler.ru title:system administrator tel;work:80442480755 x-mozilla-html:FALSE version:2.1 end:vcard
next reply other threads:[~2008-01-18 12:27 UTC|newest] Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top 2008-01-18 12:27 Денис Ягофаров [this message] 2008-01-18 20:06 ` Nikolay A. Fetisov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=47909B28.4050207@rambler.ru \ --to=denyago@rambler.ru \ --cc=sysadmins@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux sysadmins discussion This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/sysadmins/0 sysadmins/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 sysadmins sysadmins/ http://lore.altlinux.org/sysadmins \ sysadmins@lists.altlinux.org sysadmins@lists.altlinux.ru sysadmins@lists.altlinux.com public-inbox-index sysadmins Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.sysadmins AGPL code for this site: git clone https://public-inbox.org/public-inbox.git