Tweet
OpenVPN bridged setup: Unable to reach hosts
# Disclaimer
This was originally raised against the Game of active directory project. Some content below has been truncated due to the charecter limit imposed by the forum, full details are in the issue below:
# Description
I've setup a tap/bridged VPN using this guide to get into my host-only subnet from the internet. Although the VPN connects, I can't seem to access any of the GOAD hosts on the host-only adapter's subnet. I'd appreciate some help on figuring out why this is (nothing has been changed about regarding the GOAD setup).
# Setup
<TRUNCATED DUE TO CHARECTER LIMIT - SEE FULL DETAILS IN THE GOAD PROJECT ISSUE https://github.com/Orange-Cyberdefense/GOAD/issues/233>
# Method to reproduce
<TRUNCATED DUE TO CHARECTER LIMIT - SEE FULL DETAILS IN THE GOAD PROJECT ISSUE https://github.com/Orange-Cyberdefense/GOAD/issues/233>
# What I expect
Services running on the GOAD machines should be exposed to the VPN client
# What I've tried
# Environment
- OS = `Linux <HOSTNAME-OMMITED> 5.15.0-105-generic #115-Ubuntu SMP Mon Apr 15 09:52:04 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux`
- Hosting = Hosted in the cloud
- OpenVPN Version:
```
OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_option_checking=no enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_openssl_engine=yes with_sysroot=no
```
- VirtualBox Version = 6.1.50_Ubuntur161033
- Vagrant Version = 2.4.1
- UFW Version = 0.36.1
This was originally raised against the Game of active directory project. Some content below has been truncated due to the charecter limit imposed by the forum, full details are in the issue below:
# Description
I've setup a tap/bridged VPN using this guide to get into my host-only subnet from the internet. Although the VPN connects, I can't seem to access any of the GOAD hosts on the host-only adapter's subnet. I'd appreciate some help on figuring out why this is (nothing has been changed about regarding the GOAD setup).
# Setup
<TRUNCATED DUE TO CHARECTER LIMIT - SEE FULL DETAILS IN THE GOAD PROJECT ISSUE https://github.com/Orange-Cyberdefense/GOAD/issues/233>
# Method to reproduce
<TRUNCATED DUE TO CHARECTER LIMIT - SEE FULL DETAILS IN THE GOAD PROJECT ISSUE https://github.com/Orange-Cyberdefense/GOAD/issues/233>
# What I expect
Services running on the GOAD machines should be exposed to the VPN client
# What I've tried
- Disabled firewall rules
- Restarted VMs and system
- Used [sample config and server files from the openvpn repository](https://github.com/OpenVPN/openvpn/t...e-config-files)
- Bringing relevant adapters up and down
- Tracking openvpn traffic with wireshark (only ARP traffic seems present on the tap0 and br0 interfaces)
# Environment
- OS = `Linux <HOSTNAME-OMMITED> 5.15.0-105-generic #115-Ubuntu SMP Mon Apr 15 09:52:04 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux`
- Hosting = Hosted in the cloud
- OpenVPN Version:
```
OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_option_checking=no enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_openssl_engine=yes with_sysroot=no
```
- VirtualBox Version = 6.1.50_Ubuntur161033
- Vagrant Version = 2.4.1
- UFW Version = 0.36.1