From what I can grok about setting up and running an openvpn server, because I want to allow a Windoz client to connect to the server, I need to set up a tap and br interface and set up an ethernet bridge. I have a few questions which I don't seem to be finding answers for - 1. openvpn supplies a sample script for creating the tap and br interfaces. I know I need to modify it and run the bridge-start script before starting up the openvpn server. Also the bridge-stop script when shutting down the openvpn service. But where and how is this script incorporated into the boot up/server start up processes if I want the openvpn server to run as an automatic service? I don't see anything that references it in the /etc/openvpn/server.conf file or in the /etc/rc.d/openvpn file. 2. Within the bridge-start script there is a parameter called eth_ip that wants to be set to some IP address. Is this the IP address of the NIC that interfaces my server to my internal LAN? 3. How do I configure SuSEFirewall2 to support the tap and br interfaces? Do I just add these to the "FW_DEV_INT=" setting? (It was previously suggested that I could use the shorewall firewall instead of SuSEFirewall2, but unless SuSEFirewall2 will not support openvpn with an ethernet bridge I am reluctant to learn a whole new tool and figure out how to configure it to support this and all the other settings I currently have set/grokked in SuSEFirewall2) 4. The openvpn documentation mentions that my DCHP server cannot send the IP address of the default gateway (currently this is the IP address of the NIC on my server that interfaces to my internal LAN) but I do not see how to configure my DHCP server to differentiate between my laptop when it is connecting from my internal LAN and when it is a "roadwarrior" connecting over the VPN. My dhcpd.conf is configured to give out a static internal IP address to my laptop based on the dhcp id that the laptop sends when it is requesting a lease on the IP address that the DCHP server will assign it. I want to maintain this IP address for my laptop, regardless of whether it is connecting in from the internal LAN or over the VPN. But I do not see how to send out the "option routers" setting in the dhcpd.conf file to react differently based on how the laptop is connecting to the network. Thanks for any help/elucidation that you kind gurus can offer this poor beginner... I probably will have more questions but they can wait for now.... Marc.. -- "The Truth is out there" - Spooky -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org