I'm really struggling with this because I'm not a network admin, only a mortal programmer.
Linode gives you an external and internal IP for use with other nodes on the Linode network. In my case I've configured my external interface like this:

    # The loopback interface
    auto lo
    iface lo inet loopback

    # Configuration for eth0 and aliases
    # This line ensures that the interface will be brought up during boot.
    auto eth0 eth0:0 eth0:1

    # eth0 - This is the main IP address that will be used for most outbound connec$
    # The address, netmask and gateway are all necessary.
    iface eth0 inet static
        address 97.107.XXX.XX
        netmask 255.255.255.0
        gateway 97.107.XXX.1

    # eth0:1 - Private IPs have no gateway (they are not publicly routable) so all $
    # specify is the address and netmask.
    iface eth0:1 inet static
        address 192.168.140.135
        netmask 255.255.128.0

What's missing here before eth0:1 is the interface eth0:0, which I want to use for my VPN. Do I have to do this? Well, I added this to my interfaces file between eth0 and eth0:1:

    iface eth0:0 inet static
        address 10.10.10.1
        netmask 255.0.0.0

So I've started installing openvpn and generated the keys. This worked, as far as I can judge. I'm having problems with the openvpn server configuration. I want to be able to access my VPS' files from home or on the go, and maybe access the internet through it (maybe at a later stage, I don't know, I'm mainly interested in having access to my VPS and its files).

Among others, I have the following in my server.conf:

    dev tap1
    server-bridge 10.10.10.1 255.0.0.0 10.10.10.50 10.10.10.100

Is this correct? Or do I have to use something else there?
I added some iptables mumbo jumbo for the bridges.

    iptables -A INPUT -i tap0 -j ACCEPT
    iptables -A INPUT -i br0 -j ACCEPT
    iptables -A FORWARD -i br0 -j ACCEPT

It says tap0 here even though everywhere else it's tap1. I'm getting these numbers from a guide (http://www.linode.com/wiki/index.php/OpenVPN). I don't know whether this is correct.
I then created a bridge-start script:

    #!/bin/bash
    #################################
    # Set up Ethernet bridge on Linux
    # Requires: bridge-utils
    #################################

    # Define Bridge Interface
    br="br0"

    # Define list of TAP interfaces to be bridged,
    # for example tap="tap0 tap1 tap2".
    tap="tap1"

    # Define physical ethernet interface to be bridged
    # with TAP interface(s) above.
    eth="eth0:0"
    eth_ip="10.10.10.1"
    eth_netmask="255.0.0.0"
    eth_broadcast="10.10.10.255"

    for t in $tap; do
        openvpn --mktun --dev $t
    done

Again, I have no idea what I'm actually doing here... Since I decided to use 10.10.10.1 I guess the default netmask would be 255.0.0.0. I've also added a similar bridge-stop script. Anyway, if I want to start my bridge-start script I'm getting:

    kitsune@makemake:/etc/openvpn/# /etc/openvpn/bridge-start
    Thu Jun 25 21:08:36 2009 TUN/TAP device tap1 opened
    Thu Jun 25 21:08:36 2009 Persist state set to: ON
    SIOCSIFFLAGS: Cannot assign requested address
    SIOCSIFFLAGS: Cannot assign requested address
    SIOCSIFFLAGS: Cannot assign requested address

When I then try to start the openvpn it fails.
Can anybody make sense of this?
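
A consistency check over the values posted above, as an added example that is not part of the original post: it uses Python's `ipaddress` module to compare the `server-bridge` line, the bridge-start variables and the iptables rules against each other. The function name `check_bridge_config` is hypothetical, and the inputs are copied from the post.

```python
import ipaddress
import re

# Values copied from the post (server.conf, bridge-start, iptables rules).
SERVER_CONF = """dev tap1
server-bridge 10.10.10.1 255.0.0.0 10.10.10.50 10.10.10.100
"""
BRIDGE_VARS = {"tap": "tap1", "eth": "eth0:0", "eth_ip": "10.10.10.1",
               "eth_netmask": "255.0.0.0", "eth_broadcast": "10.10.10.255"}
IPTABLES_RULES = """iptables -A INPUT -i tap0 -j ACCEPT
iptables -A INPUT -i br0 -j ACCEPT
iptables -A FORWARD -i br0 -j ACCEPT
"""

def check_bridge_config(server_conf, bridge_vars, iptables_rules):
    """Return a list of inconsistencies between the three config pieces."""
    findings = []
    dev = re.search(r"^dev\s+(\S+)", server_conf, re.M).group(1)
    gw, mask, lo, hi = re.search(
        r"^server-bridge\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)", server_conf, re.M).groups()
    net = ipaddress.ip_network(f"{gw}/{mask}", strict=False)

    # The client pool must lie inside the bridged subnet and be ordered.
    lo_ip, hi_ip = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
    if lo_ip not in net or hi_ip not in net or lo_ip > hi_ip:
        findings.append(f"pool {lo}-{hi} does not fit {net}")

    # bridge-start must describe the same address and mask as server-bridge.
    if (bridge_vars["eth_ip"], bridge_vars["eth_netmask"]) != (gw, mask):
        findings.append("bridge-start address/netmask differ from server-bridge")

    # The broadcast address follows from address and netmask.
    if ipaddress.ip_address(bridge_vars["eth_broadcast"]) != net.broadcast_address:
        findings.append(f"eth_broadcast {bridge_vars['eth_broadcast']} should be "
                        f"{net.broadcast_address} for {net}")

    # The tap device must be named the same everywhere.
    if dev not in bridge_vars["tap"].split():
        findings.append(f"server.conf uses {dev}, bridge-start taps: {bridge_vars['tap']}")
    for iface in re.findall(r"-i\s+(tap\d+)", iptables_rules):
        if iface != dev:
            findings.append(f"iptables rule names {iface}, server.conf uses {dev}")

    # A name with ':' is an alias label on the parent NIC, not its own device.
    if ":" in bridge_vars["eth"]:
        findings.append(f"{bridge_vars['eth']} is an alias label, not a separate device")
    return findings

if __name__ == "__main__":
    for f in check_bridge_config(SERVER_CONF, BRIDGE_VARS, IPTABLES_RULES):
        print("-", f)
```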