bridging question


This topic contains 1 reply, has 0 voices, and was last updated by  mbdyson214@gmail.com 11 years, 2 months ago.

  • #40810

    I’d like to set up a bridge from our office LAN
    to a remote location LAN with a DSL. We have SonicWall
    routers at each end, and it turns out they apparently
    can’t do bridging over VPN and have no L2TP support.

    I can’t get rid of the office SonicWall as our public
    facing router, but I can get rid of the SonicWall at the
    other end if necessary. The other end, btw, is not
    presently set up and will host only one computer
    for doubletake replication.

    Our goal is actually to simply be able to move the
    doubletake computer back and forth from office
    to remote location without reconfiguring it at all.

    We ideally don’t want to have to know anything
    about doubletake to accomplish this, hence the
    desire for a transparent bridge.

    I have no experience with bridging, but what I’m
    concerned about is whether we can bridge from
    behind the SonicWall.

    Would I need L2TP over IPsec to accomplish
    what I need, or would L2TP be enough if
    we aren’t concerned about security?

    More generally, how supportable/common is it
    to do something like this with Zeroshell?

    Thanks,
    Dave Tyler

    #45976

    imported_fulvio
    Participant

    Zeroshell supports VPN bridging of two or more LANs by using OpenVPN.
    This type of VPN also supports 802.1q VLAN trunking.

    Regards
    Fulvio

    #45977

    I am wondering why the Zeroshell VMware download doesn’t come with
    more than one virtual network card. Is Zeroshell able to do things
    without acting as a router?

    If I have the Zeroshell VM running on two separate LANs (home and
    work) and I configure the network card for each Zeroshell to
    be a fixed IP on its respective LAN, and I forward traffic on 1195 UDP
    to each Zeroshell address respectively, and I set up a LAN-LAN
    VPN, what should happen?

    The VPN00 still says it’s connecting, and the log on one end shows
    this repeating:

    LZO compression initialized
    03:37:59 TUN/TAP device VPN00 opened
    03:37:59 UDPv4 link local (bound): [undef]:1195
    03:37:59 UDPv4 link remote: XXX.XXX.XXX.XXX:1195
    03:38:02 [UNDEF] Inactivity timeout (--ping-restart), restarting
    03:38:02 SIGUSR1[soft,ping-restart] received, process restarting
    03:38:04 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    03:38:04 LZO compression initialized
    03:38:04 TUN/TAP device VPN00 opened
    03:38:04 UDPv4 link local (bound): [undef]:1195
    03:38:04 UDPv4 link remote: XXX.XXX.XXX.XXX:1195

    I configured the VPN on each side, and one side was set up as
    client and the other as server. I gave each VPN setup the
    public address of the other end’s router. As mentioned, I
    forwarded traffic accordingly, and I left the defaults for all the
    other settings. I did set up the gateway address for each and saw
    that in the console of Zeroshell I could ping external IPs.
    But I couldn’t ping through the tunnel (there was never a tunnel
    listed as working that I saw).

    I am going to try to set up a simpler test environment, because
    one side had double NATting and who knows what one of the routers
    might have said to the other in the dark 😉

    But I want to make sure I’m doing this right. I am basically going to
    set up two LANs each with the same subnet settings, slap a router on each,
    and give the routers fake public IP addresses in the same network so they
    can talk without any other routers, connect the WANs of each router with
    a switch, make sure all things are pingable properly, and configure the
    Zeroshell virtual machines like I did already. Again, that was to set up
    their network cards to have distinct LAN addresses with gateways to
    their router. And then on the LAN-to-LAN VPN setup page I click the
    create VPN button and just enter the fake public IP address of the
    opposite router. Then the tunnel should come up, right? If it does,
    I should then be able to ping from one LAN to the other, right?

    Thanks for your help,
    Dave Tyler
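
As an added example (not part of the thread and not Zeroshell or OpenVPN code), a small Python triage of the log excerpt posted above: it counts ping-restart cycles in which the peer name is still [UNDEF], meaning no TLS handshake ever completed, and flags the missing server certificate verification warning. The function name `triage` and the finding labels are assumptions made for illustration.

```python
import re

# Log excerpt as posted in the thread (peer address already masked by the poster).
POSTED_LOG = """\
LZO compression initialized
03:37:59 TUN/TAP device VPN00 opened
03:37:59 UDPv4 link local (bound): [undef]:1195
03:37:59 UDPv4 link remote: XXX.XXX.XXX.XXX:1195
03:38:02 [UNDEF] Inactivity timeout (--ping-restart), restarting
03:38:02 SIGUSR1[soft,ping-restart] received, process restarting
03:38:04 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
03:38:04 LZO compression initialized
03:38:04 TUN/TAP device VPN00 opened
"""

# Forum software often turns "--" into an en dash, so accept both spellings.
RESTART = re.compile(r"\[([^\]]*)\] Inactivity timeout \((?:--|\u2013)ping-restart\)")
NO_VERIFY = "No server certificate verification method has been enabled"
# OpenVPN logs these once the peer has authenticated and the tunnel is usable.
TUNNEL_UP = ("Peer Connection Initiated", "Initialization Sequence Completed")

def triage(log_text):
    """Return (stats, findings) for an OpenVPN log excerpt."""
    stats = {"restarts": 0, "peer_undef": 0, "tunnel_up": False, "no_verify": False}
    for line in log_text.splitlines():
        m = RESTART.search(line)
        if m:
            stats["restarts"] += 1
            # [UNDEF] = no peer name yet, i.e. the TLS handshake never completed.
            stats["peer_undef"] += m.group(1) == "UNDEF"
        elif any(marker in line for marker in TUNNEL_UP):
            stats["tunnel_up"] = True
        elif NO_VERIFY in line:
            stats["no_verify"] = True
    findings = []
    if stats["peer_undef"] and not stats["tunnel_up"]:
        findings.append("no-handshake: restarts with peer [UNDEF]; nothing from the "
                        "remote was authenticated, check the UDP forward and NAT path")
    if stats["no_verify"]:
        findings.append("unverified-server: client accepts any certificate the CA "
                        "signed; enable a server certificate check before relying on the tunnel")
    return stats, findings

if __name__ == "__main__":
    for finding in triage(POSTED_LOG)[1]:
        print(finding)
```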
