NetBSD-Users archive

bridge with tap - trying to set up openvpn server

I'm running on i386, NetBSD 5_Stable branch.

I'm trying to set up an openvpn server on my home network
(<10 vpn devices).

I am wanting to use bridged mode because I want the vpn
connections to see the internal network resources.

My internal network was (main server/gateway/
NAT/DHCP/firewall/DNS is on

I have recompiled the kernel with bridging support.

The internal interface, wm1, was specified with

To allow some of this subnet for the tap0 interface, I changed
the wm1 netmask to I set up the tap0 interface
to netmask

With this setup the internal network operates fine before I try
to turn on bridging.

Next I added the following to my ipf.conf:
# Let bridge run free
pass out quick on bridge0
pass in quick on bridge0

# Let tap interface loose also
pass in quick on tap0
pass out quick on tap0

Now I try to set up bridging:
brconfig create bridge0
brconfig bridge0 add wm1 add tap0 up

But then my local network, on wm1, seizes and all I can do is
go to the console and remove wm1 from the bridge to get things
up again.

Here is the (reduced) output of ifconfig:
        status: active
        inet netmask 0xffffff80 broadcast
        inet netmask 0xffffffc0 broadcast
bridge0: flags=41<UP,RUNNING> mtu 1500

and brconfig (after I removed wm1 - it was in there also from console):
bridge0: flags=41<UP,RUNNING>
                priority 32768 hellotime 2 fwddelay 15 maxage 20
                ipfilter disabled flags 0x0
                tap0 flags=3<LEARNING,DISCOVER>
                        port 4 priority 128
        Address cache (max cache: 100, timeout: 1200):

I've tried looking at the man pages, guides and openvpn help and
resorted to google searches. Either direct suggestions or further
reading suggestions are very welcome.
