LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 11-06-2009, 10:23 AM   #1
danmartinj
LQ Newbie
 
Registered: Oct 2009
Posts: 24

Rep: Reputation: 0
Error When converting Routing OpenVPN to bridge mode openvpn


Hello All,
Thanks for viewing my thread. I have been stuck on a very annoying problem for the past couple of days. I first installed openvpn in routing mode and got everything to work after a couple bumps and bruises.
Now, Im basically taking the same setup and transforming it into bridge mode. I am currently working on the server side first. Now below is all my script and configuration files. I think the main problems can be summed up by these few error messages directly below:

/etc/openvpn# .bridge-start #command to start script
Friday... : TUN/TAP device tap0 opened
Friday... : Persis state set to: ON
SIOCSIFFLAGS: Cannont assign requested address #Error message
SIOCSIFFLAGS: Cannont assign requested address #at command line
SIOCSIFFLAGS: Cannont assign requested address
SIOCSIFFLAGS: Cannont assign requested address

Ok. So the main error lines at /var/log/openvpn.log is

NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to

Note: Cannot open TUN/TAP dev tap-bridge: No such file or directory (errno=2)

I think the above error messages are the key things to look at. I hope someone has seen or knows what silly mistake I maybe making. As I said all my other work is listed below. Thanks again.


The log file errors are:
/var/log/openvpn.log


Fri Nov 6 00:40:03 2009 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Fri Nov 6 00:40:03 2009 NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Fri Nov 6 00:40:03 2009 Diffie-Hellman initialized with 1024 bit key
Fri Nov 6 00:40:03 2009 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri Nov 6 00:40:03 2009 TLS-Auth MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Nov 6 00:40:03 2009 Note: Cannot open TUN/TAP dev tap-bridge: No such file or directory (errno=2)
Fri Nov 6 00:40:03 2009 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Fri Nov 6 00:40:03 2009 Cannot open TUN/TAP dev tap-bridge: No such file or directory (errno=2)
Fri Nov 6 00:40:03 2009 Exiting
____________________________________________________________________________________________________ ____


The file /usr/share/doc/openvpn/examples/sample-scripts/bridge-start

#!/bin/bash

#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="10.0.63.250"
eth_netmask="255.255.255.0"
eth_broadcast="10.0.63.255"

for t in $tap; do
openvpn --mktun --dev $t
sleep 1
done

brctl addbr $br
brctl addif $br $eth

for t in $tap; do
brctl addif $br $t
sleep 1
done

for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
sleep 1
done

ifconfig $eth 0.0.0.0 promisc up
sleep 1

ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
sleep 1
_______________________________________________________________________________

/etc/openvpn/server.conf

##NEW SERVER.CONF FILE EDITED NOV32009, BACKUP IS ON DESKTOP, AUTHOR DAN
port 1194
proto udp
#dev tun --> This is for the normal routing openvpn configuration
dev tap
dev-node tap-bridge
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
#ca /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/ca.crt
#cert /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.crt
#key /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/server.key
#dh /usr/share/doc/openvpn/examples/easy-rsa/2.0/keys/dh1024.pem
#server 10.8.0.0 255.255.255.0


#server 10.0.63.0 255.255.255.0 --> This is for the normal routing openvpn configuration
server-bridge 10.0.63.250 255.255.255.0 10.0.63.128 10.0.63.240
ifconfig-pool-persist ipp.txt

#ADD ROUTE TO 64 SUBNET
push "route 10.0.64.0 255.255.255.0"

#push "route 192.168.1.0 255.255.255.0"
#push "redirect-gateway def1"
#push "dhcp-option DNS 192.168.1.1"


#client-to-client
user nobody
group users
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
log-append /var/log/openvpn.log
verb 3
client-to-client
_______________________________________________________________________________________________

http://www.openvpn.net/index.php/ope...-bridging.html
website tutorial

________________________________________________________________________________________________

Keep in mind I just edited the config files since this was working fine under routing mode.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenVPN client has not default gateway when connect to OpenVPN server sailershen Linux - Security 3 03-04-2010 03:20 AM
Please could you post a working configuration for a OPENVPN with bridge ? frenchn00b Linux - Server 15 09-14-2009 02:53 PM
OpenVPN bridge problem acetone802000 Linux - Networking 2 05-18-2007 05:31 AM
LXer: How to bridge networks with OpenVPN LXer Syndicated Linux News 0 11-22-2006 05:03 AM
Openvpn error or routing error? tkt Linux - Newbie 0 11-02-2006 02:37 AM


All times are GMT -5. The time now is 11:30 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration