Bridge lan using openvpn

TqB · May 28, 2020, 12:50pm

This is extremely clear but documentation on this page is too thin. It look as easy step-by-step manual and then remove randomly lines.

I want connect two separate private lan together. Using Access Server. I want build this two network as one. Networks are really separate. Openwrt router works on both sides, internet connection etc.

First network is 10.15.0.0/22; default gateway = router ip = 10.15.0.1. DHCP pool 10.15.1.1-254. Second network is just identical, but address space is 10.16.0.0/22.

Not work. I am sure this is easy as 1-2-3, but this information page is too thin.

First. Both network work properly and Openwrt x86 work properly. Access Server is ok.

End of this document is: "ifconfig br0" and router says Device not found. ifconfig -a found br-lan, eth1, eth0, lo.

/etc/config/network file contain next (shortly)
config interface 'looback', lo, static, 127.0.01,255.0.0.0 (standard default)
config interface globals (default)
config interface lan, bridge, eth0, static, 10.15.0.1, 255.255.252.0
config interface wan, eth1 dhcp
(And this all in it cute right fine text not as here).

Openvpn bridge_up.sh is just as standard, https://docs.openvpn.net/wp-content/uploads/bridge-up.sh reason eth=eth0=lan so this does not need edit. Client.conf is also right.

SO, LOOK PROBLEM IS this "br0". This openvpn page does not explain how to add this interface. https://docs.openvpn.net/wp-content/uploads/l2sitetosite.png as see, this "br0" is possible found from this picture. But this "br0" it is not in bridge_up.sh, bridge_down.sh and network-settings. And, no any information tell how to configure this.

I see clearly my system is easy. Problem is, manual on this page in too thin. Now working three days with this- without result.

If anyone have more information, please help me. 1, how to force add this "br0", 2, any ideas what is wrong and 3, if know step by step "how to build bridged openvpn using access server"... Building is easy, but this openvpnsite is as long list. And most important lines removed. I am extremely sure this all is easy, but... eg. "how to build br0".

krazeh · May 28, 2020, 12:56pm

Do you actually need both networks connected via a layer 2 bridge? Are you doing anything with the networks that can't be achieved by a layer 3 site-to-site connection?

TqB · May 28, 2020, 2:23pm

Not familiar with "layer2" and "layer3".

Access server needed reason later I will add more sites and even portable sites (laptop on the travel)
Sites ip dynamic. Aggressively dynamic reason mobile (4G). Not possible get static ip. So Access Server needed: cloud, static ip.

ulmwind · May 28, 2020, 2:41pm

Your link is about OpenVPN Access Server, it is not pure OpenVPN-server. So see initially difference between 'tap' and 'tun' interfaces.

krazeh · May 28, 2020, 3:07pm

Are you happy with the two networks remaining separate as 10.15.0.0/22 and 10.16.0.0/22? If so then you don't need a layer 2 bridge which makes things a little less complicated.

Do you have a static IP for either of the current sites? If not, can you set up a hostname and dynamic DNS to update it?