Help with setting up zentyal-to-zentyal openvpn bridge with 1 subnet 2 locations

[marvelouzone]

So here's my setup:
zentyal 3.2

server1 eth0(extern wan) eth1(intern lan)
server2 eth1&2(extern wan load balance) eth0(intern lan)


server1 eth1 static 10.1.10.2/24 dhcp server range 10.1.10.101 - 254
           eth0 public dynamic
server2 etho static 10.1.10.1/24 dhcp server range 10.1.10.15 - 100

server 1&2 zentyal-zentyal openvpn(tap) with server 1 being the client. vpn subnet 192.168.180.0/24

here's what i'm trying to accomplish:

trying to create ethernet bridge between server 1&2 using same subnet on both sides. I have some network tv tuners that work with windows media center that has to be in same subnet as its clients. I'm trying to use these at my garage which is a few miles away from my house. from my research these devices work over broadcast and need to be in the same subnet.

whats the easiest way to create the bridge.. I've tried setting up using the gui, but all my trials have led me to believe that the gui just doesnt allow this and I'm going to have to do it using the conf files, but not sure which ones to edit as i know zentyal uses scripts. I did find the tutorial on openvpn for doing this, but dont think just editing the openvpn conf files and bridging existing taps will work.

so my thought are:
server 1 tap0(192.168.180.1) needs to be bridged to eth1 with br0 having the address of 10.1.10.2
server 2 tap0(192.168.180.2) needs to be bridged to eth0 with br0 having the address of 10.1.10.1

looking like this:
                    10.1.10.2                                                              10.1.10.1         
                         |                                                                           |
lan seg1------eth1/br0------server1-------internet-------server2------eth0/br0-------lan seg2
     |                |                                                                              |                  |
     |            openvpn tap0-----------------vpn-bridge---------------tap0 openvpn          |
     |                             |                                                           |                        |                   
     |                    192.168.180.1                                      192.168.180.2               |
10.1.10.101-254                                                                                         10.1.10.15-100   


greatly appreciate any help given   

[marvelouzone]

bump for help?

[c4rdinal]

Just install Zentyal OpenVPN and configure zentyal-to-zentyal. Here you'll get same subnet on vpn interface.

Follow this document:

http://doc.zentyal.org/en/vpn.html
http://www.zentyal.org/2013/05/how-to-set-up-a-vpn-on-your-zentyal-small-business-server/


HTH

[marvelouzone]

Just install Zentyal OpenVPN and configure zentyal-to-zentyal. Here you'll get same subnet on vpn interface.

Follow this document:

http://doc.zentyal.org/en/vpn.html
http://www.zentyal.org/2013/05/how-to-set-up-a-vpn-on-your-zentyal-small-business-server/


HTH

I tried this method, but it didnt create a bridge. maybe I'm missing something, but I set one zentyal box to server other to client with the zentyal vpn config, with zentyal-to-zentyal checked but my vpn address was in different subnet than my local subnets. do I need to bridge tap interfaces to ethernet interfaces?

[c4rdinal]

I tried this method, but it didnt create a bridge. maybe I'm missing something, but I set one zentyal box to server other to client with the zentyal vpn config, with zentyal-to-zentyal checked but my vpn address was in different subnet than my local subnets. do I need to bridge tap interfaces to ethernet interfaces?

VPN Subnet must be different from your local network. I'm not currently using Zentyal VPN, so I really can't simulate. You can try toggleling NAT to OFF and see how it's doing. And make sure you can route vpn traffic by making sure you have route set and your firewall is not blocking it.

Here's how:

Zentyal Firewall for OpenVPN connections. Go to Firewall -> Packet Filter- > Filer rules from Internal Network to Zentyal – Configure Rules and hit on Add New.

On the newly rule make the following settings and when you finished hit on Add.

    Decision = Accept
    Source = Any
    Service = your vpn service rule

You need need to add a VPN Service prior to this. Use the following settings on vpn service configuration and when you’re done hit on Add.

    Protocol = UDP (if on VPN Server configuration you selected TCP protocol make sure you add a new service here with same port on TCP).
    Source Port = Any.
    Destination Port = 1194.


Also make sure your local network is in the list of ADVERTISED NETWORK.

HTH

[marvelouzone]

I tried this method, but it didnt create a bridge. maybe I'm missing something, but I set one zentyal box to server other to client with the zentyal vpn config, with zentyal-to-zentyal checked but my vpn address was in different subnet than my local subnets. do I need to bridge tap interfaces to ethernet interfaces?

VPN Subnet must be different from your local network. I'm not currently using Zentyal VPN, so I really can't simulate. You can try toggleling NAT to OFF and see how it's doing. And make sure you can route vpn traffic by making sure you have route set and your firewall is not blocking it.
HTH

thanks I am aware of this method, but that is not bridging, that is routing.. I'm trying to setup an ethernet bridge(same subnet, two locations) using openvpn, I know its possible, I have set it up using openvpn with ddwrt routers

[igord93]

I'm tring to do the same thing, but im not able to reach the computers in other subnets, just my servers that are in the 192.168.0.x subnet, I set a VPN server here, and a client with a 3g modem for testing.

And I can reach my servers in the subnet that a metioned above, but a computer, even with its object advertised, I can´t reach it.