Topic: OpenVPN Server-Bridge

[Daniel B.]

Well, quite strange, routing cannot solve the problem since it's bridging mode, which means, when you're connected to the VPN, you're (virtually) connected to your internal network, and you don't need any routes to contact others host on the same subnet, you just need to send an arp request to get it's mac address. I'm just currious, which route did you added? Your client is on the same subnet as the host in your internal network.

[elysium]

my client gets an ip for tap1 so it is in the same subnet.
The route I addes was like
route add 10.5.109.70 mask 255.255.255.255 gw 10.5.108.230

...but this seems to be the only way to get it to work ...
Or do you have a better idea?

[Daniel B.]

Well, it depends on your netmask. Usually, with the class 10.x.x.x (A class) we use the natural mask 255.0.0.0 (/8), so 10.5.109.70 and 10.5.108.230 are on 2 differents network. In this case, the route isn't necessary. The same if you have a mask of 255.255.0.0 (/16), they are both on the same network, and the route still makes non sense. And if you use a netmask 255.255.255.0 (/24), you've a problem because your client is out of SME's internal network. Anyway, I don't really understand your situation and your network topology (on both side)

[elysium]

The netmask is 255.255.252.0 so I have the range 10.5.108.1-10.5.111.255

Tell me ehat u don´t understand???
SME has 2 nics - one connected to the internal network and one connected to a router which lies in a different network (192.168.2.0). So the SME has 10.5.108.0 on one side and 192.168.2.1 on the other.
Does this help u?