[kwlug-help] Openvpn assistance request.

Paul Nijjar paul_nijjar at yahoo.ca
Sat Aug 20 22:01:13 EDT 2011

On Sat, Aug 20, 2011 at 09:25:56PM -0400, Chris Irwin wrote:

> I just set this up this week, using Ubuntu Server, and this VPN guide
> from their documentation:
> https://help.ubuntu.com/11.04/serverguide/C/openvpn.html
> I created a bridged network interface containing eth0, and have openvpn
> create a tap device that joins that bridged interface. When I connect to
> my VPN with the laptop, I look like just another node on the network. I
> also have it set my default route so all traffic goes through the VPN.

Wow. That looks easy! I thought it was supposed to be hard, but I
guess not. 

Could you help me understand the bridging magic? Say I am using a
laptop and want to connect to an arbitrary site. I connect to the
OpenVPN network, type the address into the URL, and then the traffic
moves as follows?

- The packet goes from my laptop to my Tomato router,
  which it finds via dynamic DNS
- That router uses port forwarding to send the packet to my Ubuntu
  server. It arrives via the TAP interface?
- The Ubuntu server sends the packet back out through eth0 to the
  Tomato router?
- Then the Tomato router gets the response and forwards it to the
  Ubuntu server again, which relays it through the tunnel to my

Do I have that right?

> I have attached my config.

Another stupid question: does eth0 need to be in promiscuous mode for
the bridge to work?

Thanks for sharing your config and your solution, by the way. This
could be very very useful to me. I always thought you effectively 
needed to run OpenVPN on your firewall.

- Paul


More information about the kwlug-help mailing list