You are not logged in.

#1 2012-11-12 10:06:53

archtom
Member
Registered: 2011-05-04
Posts: 58

[SOLVED] openvpn network usage after systemd migration not working

Hey,

I have a problem after migrating from initscripts to systemd.

I´m on Mac OS X with tunnelblick as a client. I can connect to the server properly but with the connection established it seems I´m no part of the server network. I can`t ping any computer in the network and I can`t connect to samba shares. iptables seems to be set up fine, cause If I go back to initscripts everything is working again. It is an openvpn bridge setup.

my setup:
- complete migration to systemd, removed initscripts and rc.conf
- enabled openvpn
systemctl enable openvpn@openvpn_server.service
# openvpn@NAME-OF-SERVER-CONFIG-FILE.service in /etc/openvpn/

server config file:

mode server
dev tap0
multihome
server-bridge 192.168.1.200 255.255.255.0 192.168.1.220 192.168.1.229
client-to-client
proto udp
port 1194
comp-lzo
persist-tun
persist-key
keepalive 10 120
ca /etc/openvpn/keys/ca.crt
dh /etc/openvpn/keys/dh1024.pem
cert /etc/openvpn/keys/archvpn.crt
key /etc/openvpn/keys/archvpn.key
tls-auth /etc/openvpn/keys/ta.key 0
tls-server
cipher AES-128-CBC
log      /etc/openvpn/openvpn.log

client config file

client
remote myserver.dyndns.org 1194
dev tap0
proto udp
port 1194
comp-lzo
ca ca.crt 
cert tom.crt 
key tom.key
persist-tun
persist-key
resolv-retry infinite
keepalive 10 120
tls-auth ta.key 1
tls-client
ns-cert-type server
verb 3
cipher AES-128-CBC
float

network config with netcfg

INTERFACE="br0"
CONNECTION="bridge"
DESCRIPTION="Ethernet/OpenVPN bridge"
BRIDGE_INTERFACES="eth1 tap0"
IP="static"
ADDR="192.168.1.200"
NETMASK="255.255.255.0"
GATEWAY="192.168.1.1"
DNS=("192.168.1.1")
CARRIER_TIMEOUT=10
eth1="eth1 promisc up"
tap0="tap0 promisc up"
br0="br0 192.168.1.200 netmask 255.255.255.0 up"

if you need to know anything else please let me know. Thanks in advance.

Last edited by archtom (2012-11-12 12:53:56)

Offline

#2 2012-11-12 10:25:50

65kid
Member
From: Germany
Registered: 2011-01-26
Posts: 663

Re: [SOLVED] openvpn network usage after systemd migration not working

ar you making sure that the tap0 device is created before the bridge is set up? I also have an OpenVPN server runnning on a bridge and I use two netcfg profiles, one creating the tap0 interface (see /etc/network.d/examples/tuntap) and one creating the bridge. Then set both in NETWORKS in /etc/conf.d/netcfg to make sure they are created in the correct order.
Check the output of:

$ brctl show
$ ip addr
$ systemctl status openvpn@openvpn_server

Last edited by 65kid (2012-11-12 10:26:55)

Offline

#3 2012-11-12 10:51:28

archtom
Member
Registered: 2011-05-04
Posts: 58

Re: [SOLVED] openvpn network usage after systemd migration not working

65kid wrote:

ar you making sure that the tap0 device is created before the bridge is set up? I also have an OpenVPN server runnning on a bridge and I use two netcfg profiles, one creating the tap0 interface (see /etc/network.d/examples/tuntap) and one creating the bridge. Then set both in NETWORKS in /etc/conf.d/netcfg to make sure they are created in the correct order.
Check the output of:

$ brctl show
$ ip addr
$ systemctl status openvpn@openvpn_server

can you please post your two config files? can this really be the issue if it is working with initscripts the way it is now? I only have one config file, the one posted above.

Last edited by archtom (2012-11-12 10:51:58)

Offline

#4 2012-11-12 10:57:23

65kid
Member
From: Germany
Registered: 2011-01-26
Posts: 663

Re: [SOLVED] openvpn network usage after systemd migration not working

One explanation why it worked with initscripts may be because you had openvpn before netcfg in the DAEMONS array, so the tap0 interface already existed when netcfg set up the bridge.

/etc/network.d/openvpn_tap

INTERFACE='tap0'
CONNECTION='tuntap'
MODE='tap'
USER='nobody'
GROUP='nobody'

/etc/network.d/openvpn_bridge

INTERFACE="br0"
CONNECTION="bridge"
DESCRIPTION="Ethernet/OpenVPN bridge"
BRIDGE_INTERFACES="eth0 tap0"

IP="static"
ADDR="172.16.20.1"
GATEWAY="172.16.20.254"
DNS=("172.16.20.254")

grep NETWORKS /etc/conf.d/netcfg

NETWORKS=(openvpn_tap openvpn_bridge)

Offline

#5 2012-11-12 12:51:56

archtom
Member
Registered: 2011-05-04
Posts: 58

Re: [SOLVED] openvpn network usage after systemd migration not working

working perfectly now!

thanks a lot, marked as solved smile

Last edited by archtom (2012-11-12 12:54:11)

Offline

Board footer

Powered by FluxBB