So, as these things go, I spent 2 days looking at my OpenVPN config files and bridging setup before finding the solution to my problem was elsewhere.
A little background: I created a new OpenVPN VM using the Debian Squeeze net install CD, configured it to match what was already working on a physical Windows XP box, but only had limited success. I was able to connect to the VPN, ping the OpenVPN server on the network, but couldn’t connect to anything else. Trying to ping another server from the VPN client, and running tcpdump on that other server showed that it was receiving ICMP requests and replying, but they were not making it back to the VPN client. I tried a hundred different ways of creating the bridge on the OpenVPN server, but nothing worked. Finally, good old Google found the answer. The ESXi virtual switch drops promiscous packets by default. To fix it, open the vSphere Client, click on the ESXi host on the left side, click on the “Configuration” tab on the right, click “Networking” in the Hardware box, click on “Properties…” at the top-right of your “Virtual Switch: vSwitch#” graphic. Now on the “Tools” tab of this popup window, select the “vSwitch” and click the “Edit…” button. In this popup, click on the “Security” tab and change “Promiscuous Mode” from “Reject” to “Accept”. Click “OK” then “Close” and you should be all set. Read More >>
Read More >>