OpenVPN MultiCast VLC Stream

sganesh_1975 · 09-11-2009, 06:12 AM

Dear All,

We would like to have multicast setup for our VPN clients

Details

Ubuntu Server details

etho: ip: 92.168.1.200 gw: 192.168.1.1 mask: 255.255.255.0
eth1: bridged interface
br0: ip: 92.168.2.200 mask: 255.255.255.0

Version : Linux ubuntu 2.6.28-11-server

VPN Server: OpenVPN
Version - openvpn_2.1~rc11-1ubuntu3_i386.deb

VPN Interface : bridge - br0

(as a linux newbie we had exactly followed the steps given at https://help.ubuntu.com/community/OpenVPN)

Other Servers / Service : installed mrouted from http://archive.debian.net/potato/i386/mrouted/download

One of our servers in the LAN is running Video Lan server streaming Video to the LAN and VPN clients

Video Lan Server Details:

ip: 192.168.2.40 gw: 192.168.2.200 mask: 255.255.255.0

VLC is streaming at,

RTP MULTICAST IP: 233.1.2.5
port: 1234

Lan Client Details - ip: 192.168.2.0/24

VPN Client Details - ip: 10.10.20.10/24

VPN Clients are using OPENVPN gui and are connecting from WIN XP systems

Currently, we do not face any problem with

Ping from both LAN and VPN systems
RDP, File Transfer is working without any problem

LAN systems are able to connect and receive multicast at UDP://@233.1.2.5:1234

but, the VPN client systems could not able to connect / receive the multicast Video Stream

Suppose, if we do unicasting, even the VPN clients are able to receive the multicast Video Stream

we have not enabled firewall -UFW and have only these iptables scripts

Code:

sudo iptables -P INPUT ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -F
sudo iptables -X
sudo iptables -F -t nat
sudo iptables -F -t mangle

sudo iptables -A INPUT -j LOG --log-prefix "INPUT_DROP: "
sudo iptables -A OUTPUT -j LOG --log-prefix "OUTPUT_DROP: "
sudo iptables -A FORWARD -j LOG --log-prefix "FORWARD: "

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -t nat -A POSTROUTING -j ACCEPT

and our route -n output is as follows,

Code:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.20.2      0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.10.20.0      10.10.20.2      255.255.255.0   UG    0      0        0 tun0
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0

To solve this problem, which part we should concentrate

IPTABLES ?
VPN Server and its configuration?
Mrouted ?
VPN tunnel instead of Bridge ? (we tried with TUN instead of Bridge interface)

Kindly requesting you all to help us to proceed from here

Thanking you,

S Ganesh