I have nothing to add to this but I do have a question.<br><br>Would the IP provided via DHCP after the tunnel is up be applied to the client's virtual adapter?<br><br>Or can DHCP append an additional IP address to the already configured bridge on the client's computer?<br>
<br>Or does it work some other way entirely?<br><br><div class="gmail_quote">On Mon, Nov 16, 2009 at 9:23 AM, Guus Sliepen <span dir="ltr"><<a href="mailto:guus@tinc-vpn.org">guus@tinc-vpn.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">On Mon, Nov 16, 2009 at 09:02:33AM +0100, Matthias Redl wrote:<br>
<br>
> From what I've read so far I believe that the VPN must always have a<br>
> different IP Subnet than the private LAN itself, and therefor use<br>
> routing.<br>
<br>
</div>That is not true. The only problem is when you want clients use IP addresses<br>
from the private LAN in router mode, that is difficult to set up.<br>
<div class="im"><br>
> Is that correct? But I would actually prefer to assign IPs from<br>
> our current LAN to the VPN Clients.<br>
><br>
> Our current ip setup:<br>
> Local servers and printers: 192.168.139.1 - 192.168.139.99<br>
> Local DHCP range for workstations: 192.168.139.100 - 192.168.139.200<br>
><br>
> My wish would be to assign IPs starting with 192.168.139.201 to VPN<br>
> users (either manually or better also via DHCP / tinc). From what I have<br>
> read maybe the switch setup might fit, but I'm currently a bit lost.<br>
><br>
> Is that possible? If yes, is one of the sample setups adequate for me?.<br>
<br>
</div>Yes, that is possible. Indeed, you want to use switch mode, and on the server<br>
bridge the VPN interface to the private LAN interface. This is described in<br>
<a href="http://tinc-vpn.org/examples/bridging/" target="_blank">http://tinc-vpn.org/examples/bridging/</a>. On the client side you can then use<br>
DHCP to get an IP address from the DHCP server on the private LAN. You do have<br>
to make sure that the default gateway provided by the DHCP server on the VPN<br>
does not get a higher priority than that of the LAN the clients are on.<br>
<font color="#888888"><br>
--<br>
Met vriendelijke groet / with kind regards,<br>
Guus Sliepen <<a href="mailto:guus@tinc-vpn.org">guus@tinc-vpn.org</a>><br>
</font><br>-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1.4.10 (GNU/Linux)<br>
<br>
iEYEARECAAYFAksBYFoACgkQAxLow12M2nvDxwCfcEQ7JEvaR/TfUEu6YkbvBpRQ<br>
oPcAni6bsmJlN0Svq4RG4LTVp1LeDEzf<br>
=iTc1<br>
-----END PGP SIGNATURE-----<br>
<br>_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
<br></blockquote></div><br>