[kwlug-help] Openvpn assistance request.

Chamunks Arkturus chamunks at gmail.com
Sun Aug 21 02:09:11 EDT 2011


Looks like I have some reading to do. I really adore Ubuntu documentation.
When being introduced to a complex subject with many factors I like being
spoon-fed sometimes...
Chris, I will probably be testing this with my Android device, but it seems as
though Bell has not wanted to play very well with my previous attempts at
PPTP over Android (pre-Gingerbread).
I will try both the Gingerbread native OpenVPN support and the rooted
busybox, as I have a rooted Nexus S myself and am quite interested in seeing
how that goes.

It wouldn't be the first time that the Android implementation of something
fell short of par.  (cough, SIP, cough...).

I appreciate the assistance and all of the advice for clearing up my
wants/needs here; it's nice to be able to actually bounce some of my insanity
off people who don't look at me like an alien...

On Sun, Aug 21, 2011 at 12:00 AM, Chris Irwin <chris at chrisirwin.ca> wrote:

> On Sat, Aug 20, 2011 at 10:01:13PM -0400, Paul Nijjar wrote:
> > Could you help me understand the bridging magic? Say I am using a
> > laptop and want to connect to an arbitrary site. I connect to the
> > OpenVPN network, type the address into the URL, and then the traffic
> > moves as follows?
> >
> > - The packet goes from my laptop to my Tomato router,
> >   which it finds via dynamic DNS
> > - That router uses port forwarding to send the packet to my Ubuntu
> >   server. It arrives via the TAP interface?
> > - The Ubuntu server sends the packet back out through eth0 to the
> >   Tomato router?
> > - Then the Tomato router gets the response and forwards it to the
> >   Ubuntu server again, which relays it through the tunnel to my
> >   laptop?
> >
> > Do I have that right?
>
> Essentially, yes. I'm running OpenWRT on my router. I might look
> into having OpenVPN run on it directly instead of my server. The config
> is not Ubuntu-specific, and OpenWRT already has a bridged interface
> (WLAN and LAN interfaces are actually separate, but bridged to appear as
> one network).
>
> In the OpenVPN setup I am using, you have the following Logical and
> Physical paths to the internet. (Where => is encrypted tunnel, and ->
> is not)
>
> Logical:
>
>    Laptop -> Server -> Router -> Internet
>
> Physical:
>
>    Laptop => Internet => Router => Server -> Router -> Internet
>
> > > I have attached my config.
> >
> > Another stupid question: does eth0 need to be in promiscuous mode for
> > the bridge to work?
>
> I'd imagine so. It needs to receive packets destined for hosts other
> than itself (any and all machines on the VPN). The bridge might do that
> automatically.
>
> I'm on a switched network anyway...
>
> > Thanks for sharing your config and your solution, by the way. This
> > could be very very useful to me. I always thought you effectively
> > needed to run OpenVPN on your firewall.
>
> I wasn't sure how well it would traverse into NAT either, but it is
> pretty simple: one UDP port.
>
> --
> Chris Irwin
> e:  chris at chrisirwin.ca
> w: http://chrisirwin.ca
>
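
Added example, not part of the original thread and not the config Chris Irwin attached (that attachment is not reproduced on this page): a bridged (TAP) OpenVPN server configuration matching the logical and physical paths described above, with the server sitting behind the NAT router. The addresses, port number, interface names and file names are assumptions chosen for illustration.

```conf
# /etc/openvpn/server.conf  (path and all values below are assumptions)

# The single UDP port the NAT router forwards to this server.
port 1194
proto udp

# Layer-2 (Ethernet) tunnel. tap0 is assumed to already be a member of
# bridge br0 together with eth0, so VPN clients appear on the LAN.
dev tap0

# server-bridge <gateway> <netmask> <pool-start> <pool-end>
# Gateway is the router's LAN address; clients get LAN addresses from a
# pool that must not overlap the router's DHCP range.
server-bridge 192.168.1.1 255.255.255.0 192.168.1.200 192.168.1.220

# Send all client traffic through the tunnel, which gives the path
#   Laptop => Internet => Router => Server -> Router -> Internet
push "redirect-gateway def1"

# Certificate-based authentication (file names are placeholders).
ca   ca.crt
cert server.crt
key  server.key
dh   dh2048.pem

# The forwarded port is reachable from the Internet, so require an HMAC
# signature on every packet; unsigned packets are dropped before any TLS
# processing takes place.
tls-auth ta.key 0

# Drop root after start-up; persist-* keeps the key and the TAP device
# available across restarts once privileges are gone.
user nobody
group nogroup
persist-key
persist-tun

keepalive 10 120
```

Because the tunnel is bridged, connected clients share the LAN's broadcast domain and can reach every host on it directly, so any host firewall rules on the LAN apply to them as they would to a locally plugged-in machine.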