How to bridge OpenVPN client to the server LAN network

The picture above should explain the bridging concept I want to create on my network. I'm setting up Xen VMs, and I have disconnected one of the servers from public access over the internet. If you ask why: the VM can be installed with programs like databases, which don't require public access.

I'm assuming you have already installed OpenVPN on both the client and the server. Log in to the OpenVPN server via SSH and change the directory to /etc/openvpn.

[bash]
cd /etc/openvpn
ls -l
[/bash]

You will see configuration files that end with the .conf extension. If you have more than one .conf file, open any of them; in my case I have only one configuration file, which is server.conf. You may use any text editor other than vim.

[bash]
vim server.conf
[/bash]

Add this line at the end of the file and save it.

[bash]
push "route 10.130.0.0 255.255.0.0"
[/bash]

Basically, it pushes route information to the client, telling it that the server has the route for subnet 10.130.0.0/16.

For this type of bridging we can use iptables to NAT traffic from subnet 10.8.0.0 out through eth1. I'm not sure if this iptables rule works on VMs other than Xen.

[bash]
# MASQUERADE and the POSTROUTING chain live in the nat table, so -t nat is required
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth1 -j MASQUERADE
[/bash]

Now restart OpenVPN by issuing the command:

[bash]
service openvpn restart
[/bash]

Reconnect to the VPN. If everything is configured correctly, you should be able to ping 10.130.239.125 from the client.
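
If the ping fails, the usual causes are a MASQUERADE rule that never landed in the nat table or IP forwarding being switched off on the server. The script below is an added example, not part of the original post or of OpenVPN: it audits `iptables-save` output for the rule used above and also flags a rule that is not limited to the pushed 10.130.0.0/16 subnet. The function names and the sample ruleset are constructed for illustration; the subnets and eth1 are the ones from this page.

```shell
#!/bin/sh
# Added example: audit `iptables-save` output for the VPN NAT rule on this page.
# audit_vpn_nat and sample_ruleset are hypothetical names, not OpenVPN tooling.
# Real use: iptables-save | audit_vpn_nat "$(cat /proc/sys/net/ipv4/ip_forward)"

audit_vpn_nat() {
    # $1 = value of net.ipv4.ip_forward; stdin = iptables-save output
    awk -v fwd="$1" -v src="10.8.0.0/24" -v lan="10.130.0.0/16" -v out="eth1" '
        /^\*/ { table = substr($0, 2) }   # "*nat" / "*filter" starts a table
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" && /-j MASQUERADE/ {
            s = ""; d = ""; o = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-d") d = $(i + 1)
                if ($i == "-o") o = $(i + 1)
            }
            if (s == src && o == out) { found = 1; if (d == lan) scoped = 1 }
        }
        END {
            bad = 0
            if (fwd != "1") { print "FAIL ip_forward is off, VPN traffic is not routed"; bad = 1 }
            if (!found) { print "FAIL no nat MASQUERADE rule for " src " via " out; bad = 1 } else if (!scoped) print "WARN rule not limited to -d " lan
            if (!bad) print "OK VPN clients are NATed onto the LAN side"
            exit bad
        }'
}

# Constructed sample of iptables-save output (not captured from a real host).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth1 -j MASQUERADE
COMMIT
EOF
}

sample_ruleset | audit_vpn_nat 1
```

The function exits non-zero on any FAIL line, so it can gate a deployment script; a WARN alone does not change the exit status.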