Koozali.org formerly Contribs.org

[ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm

Offline Franco

  • *
  • 1,171
    • http://contribs.org
Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #315 on: January 20, 2008, 02:52:44 PM »
I have installed the latest release version of the smeserver-openvpn-bridge-fws contrib on 4-5 SME servers so far and can access all of them without problems or bugs.

The OpenVPN solution following the instructions of Jesper Knudsen does *not* create a bridge connection (AFAIR), so I never could connect to another server on the same subnet, because routing did not work.
Additionally, certificates and keys are very easily created with the smeserver-openvpn-bridge-fws contrib.

Lucky you!  :-)
I installed several times on two different machines over and over and never got it to work correctly. Maybe it has issues with the hardware type as it was proposed earlier... Mine were HP and Dell machines.
In the other hand "Knudsen's How-To" works perfect for me, I can acess all the network resources without being on the same subnet (that's what routing is supposed to do).

Edit: It does works BTW, it breaks other things I should clarify!

Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #316 on: January 27, 2008, 10:20:39 AM »
i have SME 7.3 with OpenVPN from "http://sme.firewall-services.com/spip.php?article4"
but i found these error messages :

[root@primsvr ~]# /etc/init.d/openvpn-bridge start
Starting openvpn: Sun Jan 27 17:01:35 2008 TUN/TAP device tap0 opened
Sun Jan 27 17:01:35 2008 Persist state set to: ON

Shutting down IP masquerade and firewall rules:         Done!

Enabling IP masquerading: done
                                                           [FAILED]

Regards,
darmasanthi

Offline Daniel B.

  • *
  • 1,697
    • Firewall Services, la sécurité des réseaux
Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #317 on: January 27, 2008, 02:31:49 PM »
Have you configured all the necessary certificates, d-h parameters etc.. through the panel in the server-manager?
C'est la fin du monde !!! :lol:

Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #318 on: January 27, 2008, 02:51:36 PM »
On the server side, the OpenVPN_Bridge it's work now,
but i's still not setting up on the client.

FYI here is our network (the plan):

2 SME7.3 Server with "Server & Gateway mode" :

Internal IP.A----SME7.3 Server (A)-------wireless------(B) SME7.3 Server-----Internal IP.B

192.168.0.0/24--192.168.0.100/24--10.10.10.1/16---wireless---10.10.10.2/16--192.168.1.100/24--192.168.1.0/24

my question :
is this a correct configuration?

Or, please give me the solution ...

Regards,
darmasanthi

Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #319 on: March 18, 2008, 03:51:48 PM »
On my server i remove the teamspeakserver contrib.
This fix the  "unregister_netdevice waiting for br0"   error.

Offline Franco

  • *
  • 1,171
    • http://contribs.org
Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #320 on: March 18, 2008, 03:59:12 PM »
On my server i remove the teamspeakserver contrib.
This fix the  "unregister_netdevice waiting for br0"   error.
WOW!!!
This is a win! :)

I never used the TeamSpeak contrib thou, and I always had the problem :(

Re: [ANNOUNCE] smeserver-openvpn-bridge-fws-1.1-2.rpm
« Reply #321 on: March 23, 2008, 06:25:08 PM »
i have SME 7.3 with OpenVPN from "http://sme.firewall-services.com/spip.php?article4"
but i found these error messages :

[root@primsvr ~]# /etc/init.d/openvpn-bridge start
Starting openvpn: Sun Jan 27 17:01:35 2008 TUN/TAP device tap0 opened
Sun Jan 27 17:01:35 2008 Persist state set to: ON

Shutting down IP masquerade and firewall rules:         Done!

Enabling IP masquerading: done
                                                           [FAILED]


I had this problem too but reading the small print in the howto it says

"the vpn ip range must be outside the standard DHCP range" 

Since I had DHCP switched off in my SME setup, I
imagined that sentence did not apply, but it seems that it does still
apply as described...

"It [the vpn ip range] must be in the same subnet as your local
network but out of the standard DHCP range. For example, you have a
network address of 192.168.165.0/24, the default DHCP range is from
192.168.165.65 to 192.168.165.250, you can choose the range
192.168.165.20 to 192.168.165.50 for the vpn’s clients."

I had chosen the range 192.168.165.201 through 211 but now I've chosen
20 through 30 and the Masquerading error message is fixed and I can now connect OK.

hth,
David.