1

I am using my raspberry pi as a openvpn cleint for my xbox 360 because at my college i get kicked off xbox live for either strict nat type or a connection limit. I can connect to the vpn just fine, i just need to know how to bridge the tap interface with the eth0 interface on the pi. Basically what i am doing is connecting the ethernet port from the pi to the xbox to share the vpn to the xbox. The pi is connecting to the internet via wifi through wlan0 although i may buy a usb ethernet nic at some point to make it more stable. This needs to be run automatically at boot from the pi so if theres a power failure it will reconnect by itself.

I used my laptop to share the vpns connection to my xbox and it works just fine so i know my theory works i just need a way to do it on the pi so i dont have to occupy my laptop with this job.

Improve this question
1
  • You could skip all this and use the network manager setting the case: share to other computers in the ethernet connection configuration, and checking "connect automatically to VPN..." when setting up the wifi connection. Set all 3 connections (Ethernet , Wifi and VPN) to available to all users so that they connect even before logging in
    – Mehdi
    Commented May 24, 2019 at 11:23

1 Answer 1

Reset to default
2

Bridging two connections is easy.I shall avoid the use of the now deprecated bridge-utils, and use iproute2 utilities instead: 

 ip tuntap add tap0 mode tap user root
 ip link set tap0 up
 ip link add br0 type bridge
 ip link set tap0 master br0
 ip link set dev eth0 down
 ip addr flush dev eth0 
 ip link set dev eth0 up
 ip link set eth0 master br0
 ip link set dev br0 up

And now you can ssign an address to br0.

Edit:

you are right, you said something that is not right: there is a key difference between tun and tap interfaces, and tun interfaces cannot be brdiged. From Wikipedia:

TUN (namely network TUNnel) simulates a network layer device and it operates with layer 3 packets like IP packets. TAP (namely network tap) simulates a link layer device and it operates with layer 2 packets like Ethernet frames. TUN is used with routing, while TAP is used for creating a network bridge.

So the error message is quite substantial, i.e. it is something that cannot be corrected.

To make tun interface work, you will need to create it (replace mode tap with mode tun above), assign it an IP address outside your LAN range, activate IP forwarding in the file /etc/sysctl.conf and restart sysctl. Routing configuration is automatic, no need to act on it. LAstly, change iptables roule as follwos, assuming your Pi is connected via eth0:

  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Still, while instructive, this should be done automatically by your VPN: certainly OpenVPN does that. Why doesn't you VPN take charge of that?

Improve this answer
8
  • im trying to bridge 3, wlan0 (my internet connection), tun0 (my vpn connection), and eth0 (my xbox connection)
    – bob riley
    Commented Sep 29, 2014 at 23:23
  • nevermind i just need to bridge tun0 and eth0 but those commands do not work
    – bob riley
    Commented Sep 30, 2014 at 2:18
  • @bobriley what does it mean it does not work?
    – MariusMatutiae
    Commented Sep 30, 2014 at 5:13
  • @bobriley you should post the outputs of ip addr show and ip route show
    – MariusMatutiae
    Commented Sep 30, 2014 at 11:01
  • I mean the first command gives me an error. I cant remember what though. I tried doing it with bridge-utils too and it wont let me add tun0 to a bridge only eth0
    – bob riley
    Commented Sep 30, 2014 at 14:54

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .