Boa tarde a todos !!!
meu problema é o seguinte ..
tenho toda a rede funcionando tranquilamente..
mas da vpn não consigo acessar a lan e nem vice versa
fiz alguns testes com algumas rotas, as vezes uma maquina conseguia
pingar outra....
tenho quase certeza de que é só alguma rota q falta, mas ai num sei se
seria no servidor, nos clientes ou em ambos .....
segue minha configuração de vpn
Desde já agradeço!!!
#!/bin/bash
#/etc/openvpn/bridge-start
br="br0"
tap="tap0"
eth="eth2"
eth_ip="172.10.99.100"
eth_gw="172.10.8.100"
eth_netmask="255.255.255.0"
eth_broadcast="172.10.99.250"
for t in $tap; do
openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
brctl addif $br $t
done
for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
route add default gw $eth_gw dev $br
###############################################################################
#!/bin/bash
#/etc/openvpn/brdige-stop
br="br0"
tap="tap0"
ifconfig $br down
brctl delbr $br
for t in $tap; do
openvpn --rmtun --dev $t
done
###############################################################################
Configuração do servidor vpn
proto udp
port 1194
dev tap0
tls-server
keepalive 10 50
server-bridge 172.10.99.100 255.255.255.0 172.10.99.102 172.10.99.199
push "route-gateway 172.10.99.100"
push "route 172.10.8.0 255.255.255.0 172.10.99.100"
push "route 172.10.99.0 255.255.255.0 172.10.8.100"
persist-tun
persist-key
ifconfig-pool-persist /etc/openvpn/ipp.txt
client-to-client
dh /etc/openvpn/keys/dh1024.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
comp-lzo
verb 3
##########################################################################
Configuração do cliente vpn
proto udp
port 1194
remote xxx.xxx.xxx.xxx 1194
tls-client
client
keepalive 10 120
comp-lzo
pull
dev tap
dh /etc/openvpn/keys/dh1024.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/cliente.crt
key /etc/openvpn/keys/cliente.key
persist-key
persist-tun