From owner-freebsd-stable@FreeBSD.ORG Tue Mar 20 09:27:35 2007 Return-Path: X-Original-To: freebsd-stable@FreeBSD.ORG Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BD4BC16A400 for ; Tue, 20 Mar 2007 09:27:35 +0000 (UTC) (envelope-from willy@rompen.nl) Received: from sun.rompen.nl (rompen.nl [195.240.39.113]) by mx1.freebsd.org (Postfix) with ESMTP id 3CB8C13C468 for ; Tue, 20 Mar 2007 09:27:35 +0000 (UTC) (envelope-from willy@rompen.nl) Received: from wiz.rompen.nl (wiz.rompen.nl [192.168.1.64]) by sun.rompen.nl (8.13.8/8.13.6) with ESMTP id l2K8xgd6093359; Tue, 20 Mar 2007 09:59:42 +0100 (CET) (envelope-from willy@rompen.nl) Received: from willy by wiz.rompen.nl with local (Exim 4.50) id 1HTaBv-0008Jg-Um; Tue, 20 Mar 2007 09:59:40 +0100 Date: Tue, 20 Mar 2007 09:59:39 +0100 From: Willy Offermans To: Patrick Holthaus Message-ID: <20070320085939.GA31236@wiz> References: <200703171200.08932.patrick.holthaus@uni-bielefeld.de> <20070318121122.GA5457@wiz> <200703192348.02590.patrick.holthaus@uni-bielefeld.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200703192348.02590.patrick.holthaus@uni-bielefeld.de> User-Agent: Mutt/1.5.9i X-Spam-Status: No, score=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_50 autolearn=ham version=3.1.8 X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on sun.rompen.nl X-Virus-Scanned: ClamAV 0.90/2880/Tue Mar 20 06:04:21 2007 on sun.rompen.nl X-Virus-Status: Clean Cc: freebsd-stable@FreeBSD.ORG, openvpn-users@lists.sourceforge.net Subject: Re: [Openvpn-users] DHCP via OpenVPN X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Willy@rompen.nl List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Mar 2007 09:27:35 -0000 Hello Patrick, On Mon, Mar 19, 2007 at 11:47:58PM +0100, Patrick Holthaus wrote: > Hi again! > > > > Now my questions are: > > > Do I need bridging for making the DHCP server work in the VPN? > > > How should the configuration files look like? > > > > You __do not__ need bridging for making the DHCP server work in the VPN > > environment! > > Thank you. I think many people appearently do not know that bridging is not > needed to make it work. So many have told me I had to set up bridging... > > > Your server and client should use the tap device to communicate. Did > > you establish that connection? Remove the line: > > server-bridge 10.8.0.1 255.255.255.0 10.8.0.100 10.8.0.199 > > from your ``server'' configuration file. The vpn communication still > > should work! Make sure the dhcpd is listening on the tap device and > > assigns IP appropriately. Make sure the dhcpd updates the named. > > It took me a few moments to recognize that the dhcpd only listens on tap0 if > it is started afterwards. I could have guessed that... This is indeed the case and causes me some headache. I'm running FreeBSD and I'm looking to configure and initialize the tap device at boot time. In that way dhcpd and named have the device present at the time it is needed. Since if the machine has to be rebooted, and luckily this only happens very rarely (making this issue even more difficult), then I have to restart dhcpd and named manually. This is something you easily going to forget about! Since FreeBSD is to serve you, I'm looking how to tackle this little inconvenience. So if you want to know more, have a look in the FreeBSD stable mailing list as well. > > > Now depending on what you want to do, it can be handy to have a bridge > > between the tap device of the server and the normal NIC. It can also be > > handy to have a separate subdomain for the vpn clients or not. Make up > > your mind! > > I am. Thanks for your suggestions. You pointed out some useful things. > Finally i got it working... Perfect, it is a nice piece of software and our road warriors appreciate it a lot. > > Patrick -- Met vriendelijke groeten, With kind regards, Mit freundlichen Gruessen, De jrus wah, Willy ************************************* W.K. Offermans Home: +31 45 544 49 44 Mobile: +31 653 27 16 23 e-mail: Willy@Offermans.Rompen.nl Powered by .... (__) \\\'',) \/ \ ^ .\._/_) www.FreeBSD.org