OpenVPN - Bridge Public IP to client

1

[Copied from Serverfault, as this question was put on hold there]

I have been trying to bridge a public IP assigned to my server to a server at home using OpenVPN. The connection to the OpenVPN server works, but after connecting, my client (server at home) doesn't have any connection to the outside.

Both machines are running Debian 8. Here are the config files:

/etc/network/interfaces (Server):

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
auto eth0
iface eth0 inet manual
iface eth0 inet6 manual

auto br0
iface br0 inet static
    address 84.200.68.136
    netmask 255.255.255.0
    network 84.200.68.0
    gateway 84.200.68.126
    broadcast 84.200.68.255
    # dns-* options are implemented by the resolvconf package, if installed
    dns-nameservers 8.8.8.8
    dns-search tobisoft.de
    pre-up openvpn --mktun --dev tap0
    bridge_ports eth0 tap0
    bridge_fd 3

iface br0 inet6 static
    address 2001:1608:10:190::1194
    address 2001:1608:10:190::1195
    netmask 64
    gateway 2001:1608:10:190::1
    bridge_ports eth0 tap0
    bridge_fd 3

/etc/network/interfaces (Client)

# The loopback network interface
auto lo eth0 eth1 eth2
iface lo inet loopback


# The primary network interface
iface eth1 inet dhcp
# This is an autoconfigured IPv6 interface
iface eth1 inet6 auto

iface eth0 inet dhcp
iface eth0 inet6 auto


iface eth2 inet static
    address 192.168.10.1
    netmask 255.255.255.0

OpenVPN Server Config:

port 1194
proto udp
dev tap
ca ca.crt
cert vpn.tobi-soft.de.crt
key vpn.tobi-soft.de.key  # This file should be kept secret
dh dh2048.pem
server-bridge 84.200.68.126 255.255.255.0 84.200.68.135 84.200.68.135
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3

ip route show on client when connected to VPN:

0.0.0.0/1 via 84.200.68.126 dev tap0 
default via 192.168.0.1 dev eth0 
84.200.68.0/24 dev tap0  proto kernel  scope link  src 84.200.68.135 
84.200.68.136 via 192.168.0.1 dev eth0 
128.0.0.0/1 via 84.200.68.126 dev tap0 
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.194 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.101 
192.168.10.0/24 dev eth2  proto kernel  scope link  src 192.168.10.1 

ip route show on server when connected:

default via 84.200.68.126 dev br0 
84.200.68.0/24 dev br0  proto kernel  scope link  src 84.200.68.136

IP forwarding is enabled on both servers. No firewall is enabled on the server or client right now.

For clarification, the client IP should be .135 and the server is .136.

Am I missing a route or am I doing something completely wrong?

Tobias Timpe

Posted 2016-10-22T18:53:38.017

Reputation: 171

No answers
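Added example (not part of the original post): a longest-prefix-match lookup over the client routing table quoted in the question, showing which interface each destination leaves on once `redirect-gateway def1` has installed its two /1 routes. The function names are illustrative, and the parser assumes every route line is the destination followed by key/value pairs, as in the output above.

```python
import ipaddress

# Client routing table copied from the question's `ip route show` output.
ROUTES = """\
0.0.0.0/1 via 84.200.68.126 dev tap0
default via 192.168.0.1 dev eth0
84.200.68.0/24 dev tap0  proto kernel  scope link  src 84.200.68.135
84.200.68.136 via 192.168.0.1 dev eth0
128.0.0.0/1 via 84.200.68.126 dev tap0
192.168.0.0/24 dev eth0  proto kernel  scope link  src 192.168.0.194
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.101
192.168.10.0/24 dev eth2  proto kernel  scope link  src 192.168.10.1
"""

def parse_routes(text):
    """Turn `ip route show` lines into (network, gateway, device) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(dest, strict=False)  # bare address -> /32
        # Assumption: the rest of the line is key/value pairs (via, dev, src...).
        opts = dict(zip(fields[1::2], fields[2::2]))
        routes.append((net, opts.get("via"), opts.get("dev")))
    return routes

def lookup(routes, dst):
    """Longest-prefix match, as the kernel does within one routing table."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    net, via, dev = max(matches, key=lambda r: r[0].prefixlen)
    return dev, via  # via is None for on-link destinations

def full_tunnel(routes, tunnel_dev, vpn_server):
    """True if both def1 halves use the tunnel and the VPN endpoint does not."""
    halves = [ipaddress.ip_network(h) for h in ("0.0.0.0/1", "128.0.0.0/1")]
    halves_ok = all(any(n == h and d == tunnel_dev for n, _, d in routes)
                    for h in halves)
    hop = lookup(routes, vpn_server)
    return halves_ok and hop is not None and hop[0] != tunnel_dev

TABLE = parse_routes(ROUTES)

if __name__ == "__main__":
    for dst in ("8.8.8.8", "84.200.68.136", "84.200.68.126", "192.168.10.5"):
        print(dst, "->", lookup(TABLE, dst))
    print("full tunnel:", full_tunnel(TABLE, "tap0", "84.200.68.136"))
```

On the table above, public destinations resolve to tap0 via 84.200.68.126 while the VPN endpoint 84.200.68.136 stays on eth0, which is the layout `redirect-gateway def1` produces on the client side.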