Comments on: Setting up OpenVPN in debian/ubuntu

By: Laplinux

Laplinux — Thu, 08 Jul 2010 10:18:04 +0000

Hello
What Ubuntu version this working ?

is it 8.10 and 9.04

I must test this. thnaks

By: Setting up OpenVPN server on debian or ubuntu | WithExample

Setting up OpenVPN server on debian or ubuntu | WithExample — Sat, 03 Apr 2010 08:52:56 +0000

[...] Setting up OpenVPN server on debian or ubuntu April 3, 2010 | Posted by admin (online) http://www.monkeedev.co.uk/blog/2009/03/06/setting-up-openvpn-in-debianubuntu/ [...]

By: epixoip

epixoip — Sat, 27 Mar 2010 06:04:47 +0000

Just a quick note about the bridging script — completely unnecessary on a Debian (or Debian-like) system, and seems to be causing people a lot of confusion. Just put something like the following in /etc/network/interfaces:

——————————————

iface eth0 inet manual

auto br0
iface br0 inet static
pre-up /usr/sbin/openvpn –mktun –dev tap0
bridge_ports eth0 tap0
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.1

——————————————

If you receive an error to the effect of “Cannot ioctl TUNSETIFF tap0,” try tap1 instead.

That’s all there is to it — no silly scripts.

By: Kris

Kris — Mon, 08 Mar 2010 22:25:29 +0000

The server bridge line should use the following format:

server-bridge [netmask] [first ip to assign] [last ip to assign]

The final 2 parameters should match addresses on your local network which the openvpn server can assign to clients when they connect. It’s likely that you’ll need to change this in your setup if your local network isn’t using the 10.1.0.x range.

By: Dec

Dec — Wed, 03 Mar 2010 23:51:57 +0000

Hi,
I followed your guide and all seemed to go well untill I ran ./bridge start. At this point my server dropped off the network. I can get it on again by running ./bridge stop.

What have I configured wrong in the server.conf file?
server-bridge 255.255.255.0 10.1.0.236 10.1.0.245.
is this what it should be or should it be the ISP’s gateway.
Also what should the push .route be?

Thanks for your help.
Dec

By: dynaken

dynaken — Thu, 31 Dec 2009 21:30:34 +0000

Cliff,

The command “update-rc.d bridge defaults” will make the bridging works again if the computer reboot. If you don’t do it everytime the computer reboot, then eth0 returns to it’s ip again without being bridged with tap0

So what you need to do is copy the script that he linked into a file called “bridge” and save it into /etc/init.d/

Once you did that do a chmod +x /etc/init.d/bridge so that it’s executable

Then do the update-rc.d bridge defaults and it’ll work. Make sure you edit the top portion of the script to cater your network before running the script.

You can run the briding right away without reboot by doing “/etc/init.d/bridge start”

By: Confused

Confused — Tue, 22 Dec 2009 20:45:48 +0000

I was ok until I came to the server.conf file. It wasn’t there but i assume this needs to be created from scratch? I’m stuck on the server bridging and the push route lines.

How do I know what to put for the start and end ips? No idea what to put for the push route either. I’m using a vps.

By: Vlado

Vlado — Wed, 09 Dec 2009 14:48:32 +0000

Excellent tutorial. It worked on a debian lenny box and the only thing that I had to change is the line in server.conf:

dev tap

dev tap0

because we are using already defined tap interface(see more about Ethernet Bridging in OpenVPN documentation)

Otherwise, I was wondering about one thing:
How can I remove pkcs12 client from server’s database?

Regards, Vlado

By: Cliffy

Cliffy — Mon, 16 Nov 2009 16:04:54 +0000

“You will also need to set it to create the bridge at boot time:

update-rc.d bridge defaults”

I don’t get this part. Trying to run that as a command doesn’t work. I can’t see where I would set up the interface at boot. Should I just put the script you linked in rc.local?

By: djsnick

djsnick — Sun, 15 Nov 2009 05:47:21 +0000

@ dugger

as root, try ‘chmod 700 *’ in /etc/openvpn/easy-rsa