PPP clients do not get added to bridge specified in PPP profile

RabbitAtNet · May 16, 2015, 9:44pm

Hi there,

I just stumbled across an issue while trying to set up a hub spoke VPN with multiple clients. I have set up an SSTP-Server and clients. They can connect and traffic is flowing. However, the bridge interface I specified in the PPP profile used by the VPN clients is ignored. The SSTP tunnnel interface gets added to the VPN server, but not as slave under the specified bridge interface. This is causing me quite some head aches, since firewalling the VPN clients becomes challenging…

What is the bridge setting in the ppp profile intended for? Should it work with SSTP or PPTP clients connecting?

I am looking forward to your replies. Thanks already!

skillful · May 16, 2015, 10:40pm

Two conditions must be met for a VPN to be dynamically added to a bridge.

You must add the VPN interface to a bridge on both the server and client ends.
Do not specify local and remote IP in PPP profile or secret. Add the IP address to the bridge instead.

RabbitAtNet · May 17, 2015, 10:33am

Hi skillful,

thanks for the reply. That explains it.
By the way, I found another way to address my issue. In the PPP profile, I can specify incoming and outgoing filter, which allow the traffic from a VPN client to be forwarded to a custom chain. That way I am able to filter and mangle the traffic from the VPN clients as needed.