Bridging and Routing (4 Nic's on one machine)

Roger Grosswiler roger at gwch.net
Fri Sep 22 06:05:27 UTC 2006


> Perhaps I haven't understood correctly. I understand you have an external iface (that
> is a wifi interface) and you want to connect to your computer using a
> VPN (OpenVPN) and then access your internal network. Am I right?
>
> If I'm right, you don't need a bridge configuration.
>
> When you configure the OpenVPN server, it will add a new iface to your
> server; then you only need to allow routing from your VPN network to
> your internal network (allow routing and allow the traffic with
> iptables).
>
> The problem that you will encounter is the netbios broadcast frames that
> don't allow you to explore the routed networks (internal network), but using
> direct access via IP you will access your samba
> shares (Windows shares) without problems.
>
> Regards
>
> Roger Grosswiler wrote:
>> I would like to install openvpn afterwards and gain access via wlan on the
>> external if to the internal network and use printers, shares etc.
>>
>> I think I'm going to need bridging there(?)
>>
>> Roger
>>
>>> Think of a bridge as a kind of switch. It works at OSI Level 2 (Ethernet),
>>> not at upper levels (IP).
>>>
>>> The IP you assign to the bridge must be the IP you need to access the
>>> IP subnet you need to access from the bridge interface.
>>>
>>> The first question is: Do you really need a bridge?
>>>
>>> If you don't need to connect networks at Ethernet level, you don't
>>> need it.
>>>
>>> Perhaps I don't understand your required configuration correctly, but I can't
>>> see that you really need bridges.
>>>
>>> Can you explain your desired configuration a bit more?
>>>
>>> Regards
>>>
>>> --
>>> Samuel Díaz García
>>> ArcosCom Wireless, S.L.L.
>>>
>>> CIF: B11828068
>>> c/ Romero Gago, 19
>>> Arcos de la Frontera
>>> 11630 - Cadiz
>>>
>>> http://www.arcoscom.com
>>>
>>> mailto:samueldg at arcoscom.com
>>> msn: samueldg at arcoscom.com
>>>
>>> Tlfn.: 956 70 13 15
>>> Fax:   956 70 34 83
>>>
>>>
>>> On Thu, 21 September 2006, 9:03, Roger Grosswiler wrote:
>>>> Hello,
>>>>
>>>> I think about bridging the firewall on the next install.
>>>> Unfortunately, the same firewall routes to 2 other subnets:
>>>>
>>>> - 1 external
>>>> - 1 DMZ
>>>>
>>>> Both have separate IP ranges. In fact, with the internal network, I have
>>>> 3 subnets (internal -> eth0, external -> eth1, dmz -> eth2)
>>>>
>>>>
>>>> I would like to know:
>>>>
>>>> Can I use this combination:
>>>>
>>>> 1 bridge eth0->eth1
>>>> 1 bridge eth0->eth2
>>>>
>>>> and: which IP address does the bridge need? Is any IP possible,
>>>> or which one should preferably be set on the bridge?
>>>>
>>>> Thanks for your replies.
>>>>
>>>> Roger
>>>>
>>>> --

What I would like to have:

Connection 1:
Client from internal Lan (10.0.0.0) -> Firewall (Proxy)
10.0.0.0/192.168.0.0 -> www (*ouch*)

Connection 2:
Client with WLAN external (192.168.0.0) -> Firewall (10.0.0.0) -> Using
resources from internal LAN (10.0.0.0)

On connection 2, I think I need bridging with the IP address from my
internal LAN, as otherwise openvpn wouldn't let me use the internal
resources like printers etc.


The WLAN-Card is on a clients side using Network 192.168.0.0. My favourite
would be having both connections on 2 nics using a bridge...

Isn't this correct?


Thanks,
Roger
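
The routed alternative described in the quoted reply above (no bridge, forwarding allowed with iptables), written out as an added example that is not from any poster in this thread. It assumes a `tun0` VPN interface, a 10.8.0.0/24 VPN subnet, a /24 mask on the internal 10.0.0.0 network and a port list for shares and printers; only `eth0` as the internal interface comes from the thread.

```shell
#!/bin/sh
# Added example: routed (not bridged) OpenVPN access to the internal LAN,
# limited to the file-share and printer services the thread mentions.
# Assumed values (not from the thread): tun0, 10.8.0.0/24, the /24 mask on
# 10.0.0.0 and the port list. eth0 as internal interface is from the thread.
VPN_IF=${VPN_IF:-tun0}
VPN_NET=${VPN_NET:-10.8.0.0/24}
LAN_IF=${LAN_IF:-eth0}
LAN_NET=${LAN_NET:-10.0.0.0/24}
# SMB over TCP, NetBIOS session service, IPP, raw (JetDirect-style) printing
LAN_TCP_PORTS=${LAN_TCP_PORTS:-445,139,631,9100}

# Print each command; execute it only when APPLY=1 (needs root).
run() {
    echo "$*"
    if [ "${APPLY:-0}" = 1 ]; then "$@"; fi
}

routed_vpn_rules() {
    # Let the kernel route packets between interfaces.
    run sysctl -w net.ipv4.ip_forward=1
    # Accept replies belonging to connections that were already allowed.
    run iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    # VPN clients may open new connections only to the listed LAN services.
    run iptables -A FORWARD -i "$VPN_IF" -o "$LAN_IF" -s "$VPN_NET" -d "$LAN_NET" \
        -p tcp -m multiport --dports "$LAN_TCP_PORTS" -m state --state NEW -j ACCEPT
    # Anything else arriving from the VPN is dropped instead of forwarded.
    run iptables -A FORWARD -i "$VPN_IF" -j DROP
}

# Dry run by default: shows the rules without touching the firewall.
routed_vpn_rules
```

Because the VPN clients sit in their own routed subnet, every packet towards the LAN passes the FORWARD chain and can be filtered per service, which a layer-2 bridge would not give without extra bridge filtering.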








