LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Error When converting Routing OpenVPN to bridge mode openvpn (https://www.linuxquestions.org/questions/linux-software-2/error-when-converting-routing-openvpn-to-bridge-mode-openvpn-767316/)

danmartinj 11-06-2009 09:23 AM
Error When converting Routing OpenVPN to bridge mode openvpn
 
Hello All,
Thanks for viewing my thread. I have been stuck on a very annoying problem for the past couple of days. I first installed openvpn in routing mode and got everything to work after a couple bumps and bruises.
Now, Im basically taking the same setup and transforming it into bridge mode. I am currently working on the server side first. Now below is all my script and configuration files. I think the main problems can be summed up by these few error messages directly below:

/etc/openvpn# .bridge-start #command to start script
Friday... : TUN/TAP device tap0 opened
Friday... : Persis state set to: ON
SIOCSIFFLAGS: Cannont assign requested address #Error message
SIOCSIFFLAGS: Cannont assign requested address #at command line
SIOCSIFFLAGS: Cannont assign requested address
SIOCSIFFLAGS: Cannont assign requested address

Ok. So the main error lines at /var/log/openvpn.log is

NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to

Note: Cannot open TUN/TAP dev tap-bridge: No such file or directory (errno=2)

I think the above error messages are the key things to look at. I hope someone has seen or knows what silly mistake I maybe making. As I said all my other work is listed below. Thanks again.


The log file errors are:
/var/log/openvpn.log


Fri Nov 6 00:40:03 2009 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Fri Nov 6 00:40:03 2009 NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Fri Nov 6 00:40:03 2009 Diffie-Hellman initialized with 1024 bit key
Fri Nov 6 00:40:03 2009 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri Nov 6 00:40:03 2009 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Nov 6 00:40:03 2009 Note: Cannot open TUN/TAP dev tap-bridge: No such file or directory (errno=2)
Fri Nov 6 00:40:03 2009 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Fri Nov 6 00:40:03 2009 Cannot open TUN/TAP dev tap-bridge: No such file or directory (errno=2)
Fri Nov 6 00:40:03 2009 Exiting
____________________________________________________________________________________________________ ____


The file /usr/share/doc/openvpn/examples/sample-scripts/bridge-start

#!/bin/bash

#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="10.0.63.250"
eth_netmask="255.255.255.0"
eth_broadcast="10.0.63.255"

for t in $tap; do
openvpn --mktun --dev $t
sleep 1
done

brctl addbr $br
brctl addif $br $eth

for t in $tap; do
brctl addif $br $t
sleep 1
done

for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
sleep 1
done

ifconfig $eth 0.0.0.0 promisc up
sleep 1

ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
sleep 1
_______________________________________________________________________________

/etc/openvpn/server.conf

##NEW SERVER.CONF FILE EDITED NOV32009, BACKUP IS ON DESKTOP, AUTHOR DAN
port 1194
proto udp
#dev tun --> This is for the normal routing openvpn configuration
dev tap
dev-node tap-bridge
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
#ca /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
#cert /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.crt
#key /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.key
#dh /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
#server 10.8.0.0 255.255.255.0


#server 10.0.63.0 255.255.255.0 --> This is for the normal routing openvpn configuration
server-bridge 10.0.63.250 255.255.255.0 10.0.63.128 10.0.63.240
ifconfig-pool-persist ipp.txt

#ADD ROUTE TO 64 SUBNET
push "route 10.0.64.0 255.255.255.0"

#push "route 192.168.1.0 255.255.255.0"
#push "redirect-gateway def1"
#push "dhcp-option DNS 192.168.1.1"


#client-to-client
user nobody
group users
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
log-append /var/log/openvpn.log
verb 3
client-to-client
_______________________________________________________________________________________________

http://www.openvpn.net/index.php/ope...-bridging.html
website tutorial

________________________________________________________________________________________________

Keep in mind I just edited the config files since this was working fine under routing mode.


All times are GMT -5. The time now is 01:20 AM.