Bridged VPN connection between 2 offices.

Home Page Forums Network Management Networking Bridged VPN connection between 2 offices.

This topic contains 1 reply, has 0 voices, and was last updated by  kenadak 12 years, 6 months ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #40513

    kenadak
    Member

    fulvio asked me to post a diagram of how I set this up.

    So, here it is… there is only one issue I’m having right now, and I will ask how to fix it at the end:

    LAN1

    |
    |
    ZeroShell 1
    |
    |
    Internet
    |
    |
    ZeroShell 2
    |
    |

    LAN2

    Both ZeroShell’s are configured:
    Eth0 – Internal
    Eth1 – External -Nat’ed
    VPN0 – Lan-to-Lan
    Bridge0 – Eth0&VPN0 IP= 192.168.0.1 (for ZeroShell 1) and 192.168.0.2 (for 2)
    DHCP set up with 192.168.0.100 – 150 (for 1) 192.168.151-200 (for 2)

    and here is the problem:
    if a machine with a valid lease from LAN1 is moved to LAN2 (aka laptop) the DHCP server from the other lan responds. how can I disallow DHCP traffic between the bridge?

    #45025

    imported_fulvio
    Participant

    Are you sure you need to enable two dhcp servers? Because LAN1 and LAN2 are bridged using the VPN lan-to-lan, layer 2 broadcast is forwarded and hence you only need one dhcp server.
    In any case, if you want to be sure that dynamic assignment of the IPs occurs also when the VPN is broken because the Internet connection is unavailable, then you must have two dhcp, but to solve your issue, you have to drop with the firewall on both Zeroshell router the UDP packets incoming from VPN interface and with destination the port 67 (bootp server).

    Regards
    Fulvio

    #45026

    kenadak
    Member

    you answered your own question… the DHCP at both ends is to insure if the VPN is unavailible the users of each lan can get to the internet.

    thanks for the port for bootp I should have thought of that.

    Ken

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.