guyinsb
4
I agree; it should be easy. But not for me! I have a pretty simple set up:
- server is a Shibby router, set up for tap with 192.168.70.1/24 configured on its LAN (static key)
- if the client is another Shibby router set up with tap and 192.168.70.201/24 on its LAN, I can ping from client lan to devices on the server lan
- similar config with MT300N does not work
MT300N info:
root@GL-MT300N:~# brctl show
bridge name bridge id STP enabled interfaces
br-lan 7fff.e4956e42d981 no eth0.1
wlan0
tap0
root@GL-MT300N:~# netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.67.1 0.0.0.0 UG 0 0 0 eth0.2
192.168.67.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0.2
192.168.67.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0.2
192.168.70.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
client.ovpn :
dev tap
proto udp
remote nnn 1194
verb 3
‘[secret]’
-----BEGIN OpenVPN Static key V1-----
xxx
-----END OpenVPN Static key V1-----
‘[/secret]’
daemon
MT300N Syslog:
Tue Nov 27 09:01:20 2018 kern.info kernel: [59926.530000] br-lan: port 3(tap0) entered forwarding state
Tue Nov 27 09:01:20 2018 kern.info kernel: [59926.540000] br-lan: port 3(tap0) entered forwarding state
Tue Nov 27 09:01:20 2018 daemon.notice netifd: Interface ‘VPN_client’ is enabled
Tue Nov 27 09:01:20 2018 daemon.notice netifd: Network device ‘tap0’ link is up
Tue Nov 27 09:01:20 2018 daemon.notice netifd: Interface ‘VPN_client’ has link connectivity
Tue Nov 27 09:01:20 2018 daemon.notice netifd: Interface ‘VPN_client’ is setting up now
Tue Nov 27 09:01:20 2018 daemon.notice netifd: Interface ‘VPN_client’ is now up
Tue Nov 27 09:01:21 2018 user.notice firewall: Reloading firewall due to ifup of VPN_client (tap0)
Tue Nov 27 09:01:22 2018 kern.info kernel: [59928.540000] br-lan: port 3(tap0) entered forwarding state