Voip Solutions For Blocked Voip Countires
I am writing this howto with examples for all the users and administrator looking
for a step by step guide of openvpn bridge mode as it is very much difficult for new users to install and configure openvpn in bridge mode . There are very much detailed howto and wiki on openvpn official website OpenVPN 2.0 HOWTO and Official document: but still it is difficult for new users.
Please follow the step by step configuration guide to install openvpn in bridge mode on linux ( fedora , centos, redhat) and other linux distributions as well .
Openvpn Ethernet Bridging
Step 1:
first of all you need install the linux on your system having two Network (Ethernet ) interface eth0 and eth1 . then you need to check the configuration for the network with "ifconfig -a" command and you will be having result as below :
#> ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:13:72:40:26:7F
inet addr:10.4.3.17 Bcast:10.4.3.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe40:267f/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:51999 errors:0 dropped:0 overruns:0 frame:0
TX packets:15652 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:5051569 (4.8 MiB) TX bytes:1757669 (1.6 MiB)
eth1 Link encap:Ethernet HWaddr 00:13:72:40:26:80
inet addr:192.168.100.17 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe40:2680/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5747 errors:0 dropped:0 overruns:0 frame:0
TX packets:2340 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:470066 (459.0 KiB) TX bytes:253434 (247.4 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:491 errors:0 dropped:0 overruns:0 frame:0
TX packets:491 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:130767 (127.7 KiB) TX bytes:130767 (127.7 KiB)
Then you need to save the above ip configuration and proceed with another command "route -n " and the results will be as below :
#> route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.4.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth0
192.168.0.0 192.168.100.254 255.255.0.0 UG 0 0 0 eth0
0.0.0.0 10.4.3.1 0.0.0.0 UG 0 0 0 eth1
you need to save this configuration on a notepad so you can use in future for comparision .
Step 2 :
Now you have completed the first step you need to install the bridge-utils.rpm package for your linux distribution , you can use either yum or you can download rpm and proceed . bridge-utils rpm build for : Fedora 10
once the bridge-utils installed on your system you need to create a bridge script so we will be creating a bridge scrip in next step .
Step 3:
Now you need to write the script for bridge to start so we are creating bridge-start file as below
#> cat /etc/openvpn/bridge-start
#!/bin/bash
#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################
# Define Bridge Interface
br="br0?
# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2?.
tap="tap0?
# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0?
eth_ip="10.4.3.17?
eth_netmask="255.255.255.0?
eth_broadcast="10.4.3.255?
for t in $tap; do
openvpn ""mktun ""dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
brctl addif $br $t
done
for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
and then we need to create a bridge-stop file as below
#> cat /etc/openvpn/bridge-stop
#!/bin/bash
####################################
# Tear Down Ethernet bridge on Linux
####################################
# Define Bridge Interface
br="br0?
# Define list of TAP interfaces to be bridged together
tap="tap0?
ifconfig $br down
brctl delbr $br
for t in $tap; do
openvpn ""rmtun ""dev $t
done
Step 4:
Now we have completed the bridge script we need to start the openvpn with below commands the need to add a route with commands mentioned below :
#> cat /etc/rc.d/rc.local
# Start OpenVPN service
/etc/openvpn/bridge-start
/sbin/service openvpn start
# Add route
route add -net 192.168.0.0 netmask 255.255.0.0 gw 192.168.100.254 eth1
#route add default gw 10.4.3.1 eth0
route add default gw 10.4.3.1 br0
Note 1:
We should add the default gateway after we started the OpenVPN server, the bridge-start script will clear the default gateway.
Note2:
The default route should changed to br0 not eth0 "" the bridged interface.
Once we have made the changes according to the step 4 we need to confirm our configuration as we did in our first step with below commands and results
#> ifconfig -a
br0 Link encap:Ethernet HWaddr 00:13:72:40:26:7F
inet addr:10.4.3.17 Bcast:10.4.3.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe40:267f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48639 errors:0 dropped:0 overruns:0 frame:0
TX packets:15365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4152487 (3.9 MiB) TX bytes:1727401 (1.6 MiB)
eth0 Link encap:Ethernet HWaddr 00:13:72:40:26:7F
inet addr:10.4.3.17 Bcast:10.4.3.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe40:267f/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:51999 errors:0 dropped:0 overruns:0 frame:0
TX packets:15652 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:5051569 (4.8 MiB) TX bytes:1757669 (1.6 MiB)
eth1 Link encap:Ethernet HWaddr 00:13:72:40:26:80
inet addr:192.168.100.17 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe40:2680/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5747 errors:0 dropped:0 overruns:0 frame:0
TX packets:2340 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:470066 (459.0 KiB) TX bytes:253434 (247.4 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:491 errors:0 dropped:0 overruns:0 frame:0
TX packets:491 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:130767 (127.7 KiB) TX bytes:130767 (127.7 KiB)
tap0 Link encap:Ethernet HWaddr AE:11:02:37:F7:88
inet6 addr: fe80::ac11:2ff:fe37:f788/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:301 errors:0 dropped:0 overruns:0 frame:0
TX packets:34402 errors:0 dropped:17 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:30484 (29.7 KiB) TX bytes:3010000 (2.8 MiB)
#> route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.4.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
10.4.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
192.168.0.0 192.168.100.254 255.255.0.0 UG 0 0 0 eth1
0.0.0.0 10.4.3.1 0.0.0.0 UG 0 0 0 br0
Step 5 :
Once you have confirmed the configuration as mentioned in step 4 so need to move further to created openvpn server.conf file which is openvpn main configuration file for server to be run in bridge mode , so we start the server.conf file as below
#> cat /etc/openvpn/server.conf
;local a.b.c.d
port 1194
;port 5000
# TCP or UDP server?
;proto tcp
proto udp
dev tap0
;dev tun
;dev-node MyTap
ca sample-keys/tmp-ca.crt
cert sample-keys/server.crt
key sample-keys/server.key # This file should be kept secret
dh sample-keys/dh1024.pem
;server 10.8.0.0 255.255.255.0
;ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
server-bridge 10.4.3.17 255.255.0.0 10.4.3.221 10.4.3.230
;push "route 192.168.10.0 255.255.255.0?
;push "route 192.168.20.0 255.255.255.0?
push "route 10.4.0.0 255.255.0.0 10.4.3.1?
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway"
;push "dhcp-option DNS 10.8.0.1?
;push "dhcp-option WINS 10.8.0.1?
;client-to-client
client-to-client
;duplicate-cn
duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 4
;mute 20
Note: It is very easy to install and
config OpenVPN serverconfig OpenVPN server on Windows XP. We should remember add the bridge between the local network interface and the virtual network interface.
Congratulation! you are done with openvpn bridge setup on linux .
by: VOIP Expert
5 Benefits of Switching to VOIP Technology in 2011 Setu Vtep Voip To T1/e1 Isdn Pri Gateway Gain Greater Organizational Efficiency With VOIP Solutions The Benefits Of A Voip System Categorisation And Back-end Processes Of Voip Avoid VOIP Hackers and Fraud What To Look For In A Voip Vps Server What Is Behind Voip Technology Requirements For Voip VoIP Adapter – Helping You Make Calls with Ease Solutions To Voip Problems Contribution Of Voip In Present Stand Of Web Hosting Ip Primer for Voip Systems