| 1 |
Hi, |
| 2 |
|
| 3 |
Patrick Holthaus schrieb: |
| 4 |
> Hello everybody! |
| 5 |
> |
| 6 |
> Maybe this is a bit Off-Topic here, but maybe some of you like to help me |
| 7 |
> anyway. |
| 8 |
> |
| 9 |
> I am trying to build a VPN network where the clients get their IP adresses |
| 10 |
> from a local DHCP server (because it should notify the nameserver of the |
| 11 |
> clients). The VPN should have its own adress pool 10.8.0.* while the |
| 12 |
> unsecured clients in the server's LAN should get an 192.168.1.* adress. |
| 13 |
> |
| 14 |
> I got the VPN working but the clients do appearently not get their IP from the |
| 15 |
> DHCP server but some random IP from the OpenVPN server. (The DHCP server only |
| 16 |
> assignes 10.8.0.100-200 adresses but the clients get .8 or .10 for example) |
| 17 |
> |
| 18 |
> Now my questions are: |
| 19 |
> Do I need bridging for making the DHCP server work in the VPN? |
| 20 |
> |
| 21 |
|
| 22 |
Yes. DHCP is an ethernet protocol. DHCP over IP wouldn't make much |
| 23 |
sense, would it? To use your existing DHCP Server you need OSI Layer 2 |
| 24 |
VPN connections (TAP devices). |
| 25 |
|
| 26 |
> How should the configuration files look like? |
| 27 |
> |
| 28 |
|
| 29 |
Uhm, in your testing files, you try to configure IP's on a tap device? I |
| 30 |
think you mix the concepts up here. If you have a tap tunnel, your |
| 31 |
client sends ethernet frames to the server, who, when properly bridged, |
| 32 |
sends them to a local LAN, and vice versa. No IP involved on that level, |
| 33 |
you could use IPX or SCTP if you wanted. The only IP you mention in the |
| 34 |
config file is that of the server. |
| 35 |
|
| 36 |
But then a client could connect and use any IP you ask? Well, yes, as in |
| 37 |
any LAN. You can use iptables on the bridge to filter spoofed packets |
| 38 |
out, though. |
| 39 |
|
| 40 |
It's more easy and faster to stick with Layer3 vpn, though. |
| 41 |
|
| 42 |
Regards and HTH, |
| 43 |
Thomas |
| 44 |
-- |
| 45 |
gentoo-user@g.o mailing list |
Archives