OpenVPN LAN-to-LAN principle


Server side

Bridging stuff

  • openvpn --mktun --dev tap1
  • brctl addbr vmbr1
  • brctl addif vmbr1 eth1
  • brctl addif vmbr1 tap1
  • ifconfig eth1 0.0.0.0 promisc up
  • ifconfig tap1 0.0.0.0 promisc up
  • ifconfig vmbr1 192.168.56.1 netmask 255.255.255.0 up

OpenVPN stuff

  • /etc/openvpn/server.conf
dev tap1
daemon
tls-server
proto udp
port 5555
ca /etc/openvpn/ca.crt
cert /etc/openvpn/kitan.xmen.de.crt
key /etc/openvpn/kitan.xmen.de.key
dh /etc/openvpn/dh4096.pem
mssfix
persist-key
persist-tun
log /var/log/openvpn
status /var/log/openvpn-status.log
keepalive 10 120
mute 50
log-append /var/log/openvpn
compress lzo
verb 3

Client side

Bridging stuff

  • openvpn --mktun --dev tap1
  • brctl addbr vmbr1
  • brctl addif vmbr1 eth1
  • brctl addif vmbr1 tap1
  • ifconfig eth1 0.0.0.0 promisc up
  • ifconfig tap1 0.0.0.0 promisc up
  • ifconfig vmbr1 0.0.0.0 up

OpenVPN stuff

  • /etc/openvpn/client.conf
port 5555
daemon
dev tap1
remote kitan.tuxmen.de
tls-client
ca /etc/openvpn/ca.crt
cert /etc/openvpn/worf.nux.lan.crt
key /etc/openvpn/worf.nux.lan.key
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
pull
comp-lzo
verb 3
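
A consistency check for the two configurations above, as an added example that is not part of the original page: it compares the settings both ends of the bridged tunnel must agree on and reports whether the client checks the server certificate and whether compression is on. The function names are hypothetical, the defaults (port 1194, proto udp, tun-mtu 1500, tun-mtu-extra 32 for tap devices) are assumed from the OpenVPN manual, and the config texts are constructed samples abbreviated from the page.

```python
# Added example, not from the original page. The config texts are constructed
# samples abbreviated from the server.conf and client.conf listed above.
SERVER_CONF = """dev tap1
tls-server
proto udp
port 5555
compress lzo
"""
CLIENT_CONF = """port 5555
dev tap1
tls-client
tun-mtu-extra 32
comp-lzo
"""

def parse(text):
    """Map each directive to its arguments; a repeated directive overwrites."""
    conf = {}
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()
        if words:
            conf[words[0]] = words[1:]
    return conf

def link_params(conf):
    """Settings both peers must agree on, filled with OpenVPN's defaults."""
    first = lambda key, default: conf.get(key, [default])[0]
    dev_type = first("dev-type", first("dev", "tun")[:3])
    if conf.get("compress"):
        comp = conf["compress"][0]
    else:  # comp-lzo is the older spelling that pairs with "compress lzo"
        comp = "lzo" if "comp-lzo" in conf else "none"
    return {"dev-type": dev_type, "proto": first("proto", "udp"),
            "port": first("port", "1194"), "tun-mtu": first("tun-mtu", "1500"),
            "tun-mtu-extra": first("tun-mtu-extra", "32" if dev_type == "tap" else "0"),
            "compression": comp}

def lint(server_text, client_text):
    srv, cli = parse(server_text), parse(client_text)
    s, c = link_params(srv), link_params(cli)
    out = [f"mismatch {k}: server={s[k]} client={c[k]}" for k in s if s[k] != c[k]]
    if not {"remote-cert-tls", "verify-x509-name"} & cli.keys():
        out.append("client has no remote-cert-tls or verify-x509-name check on the server certificate")
    if "none" not in (s["compression"], c["compression"]):
        out.append("compression is enabled on the tunnel")
    return out

if __name__ == "__main__":
    print("\n".join(lint(SERVER_CONF, CLIENT_CONF)))
```

Adding `remote-cert-tls server` to the client configuration clears the first finding, provided the server certificate was issued with the server extended key usage.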