openvpn in a bridge?

Posted by sebelk on Server Fault
Published on 2012-10-23T13:06:16Z Indexed on 2012/10/24 23:03 UTC

I have a somewhat tricky problem to solve.

We have a wireless link between 2 buildings. One of them has a MikroTik and below there are some VLANs. Some machines of one VLAN need to use OpenVPN to connect to a remote private LAN. I put a TP-Link WR1043ND (which those machines connect to) with OpenWrt with ebtables just in case I need it.

I've configured OpenWrt in such a way that all ports belong to the same VLAN. My idea was to make things as transparent as I can.

It has a bridge as follows:

/usr/sbin/brctl-full show br-lan
bridge name     bridge id               STP enabled     interfaces
br-lan          8000.f8d111565716       no              eth0.1
                                                        eth0.2

Also I've added an ebtables rule:

ebtables -t broute -A BROUTING -p ipv4  -j DROP

So "bridge" has only one IP address. I've installed OpenVPN and I'm trying to bring up the tunnel, but I still can't get it working.

Sure, someone could ask why I don't use the VPN on the MikroTik. There are some reasons; the first one is that I have little experience with MikroTik and I'd want to have the VPN at hand :)

The problem is that OpenVPN is not working, because it is complaining that I have only one IP address on the server side. So I set up an alias interface with another IP address, but it is not working either:

: Rejected connection attempt from IP-Client-Side:37801 due to --remote setting

Is there a way to make it work?
