Show pagesourceOld revisionsBacklinksBack to top × Table of Contents Routing example: OpenVPN Router R1 Router R2 Router WAN Client PCs VPN services Routing example: OpenVPN For creating a basic network configuration in OpenVPN like it shows in the picture. In this example, we will use 3 routers and 2 stations (computers). Router R1 # /etc/config/network config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan' option ifname 'eth1' option proto 'static' option ipaddr '172.16.1.1' option netmask '255.255.255.0' config interface 'wan' option ifname 'eth0' option proto 'static' option ipaddr '10.1.1.1' option netmask '255.255.255.252' option gateway '10.1.1.2' Router R2 # /etc/config/network config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan' option ifname 'eth0' option proto 'static' option ipaddr '172.16.2.1' option netmask '255.255.255.0' config interface 'wan' option ifname 'eth1' option proto 'static' option ipaddr '10.2.2.1' option netmask '255.255.255.252' option gateway '10.2.2.2' Router WAN # /etc/config/network config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config interface 'lan1' option ifname 'eth0' option proto 'static' option ipaddr '10.1.1.2' option netmask '255.255.255.252' config interface 'lan2' option ifname 'eth1' option proto 'static' option ipaddr '10.2.2.2' option netmask '255.255.255.252' config route 'lan1_route' option interface 'lan' option target '172.16.1.0' option netmask '255.255.255.0' option gateway '10.1.1.1' config route 'lan2_route' option interface 'lan2' option target '172.16.2.0' option netmask '255.255.255.0' option gateway '10.2.2.1' Client PCs For the PCs configuration, we just set up the IP addresses in each station. # PC1 IP 172.16.1.3 netmask 255.255.255.0 gateway 172.16.1.1 # PC2 ip 172.16.2.3 netmask 255.255.255.0 gateway 172.16.2.1 VPN services OpenVPN server configuration on router R2 uci import openvpn < /dev/null uci set openvpn.myvpn=openvpn uci set openvpn.myvpn.enabled=1 uci set openvpn.myvpn.verb=3 uci set openvpn.myvpn.port=1194 uci set openvpn.myvpn.proto=udp uci set openvpn.myvpn.dev=tun uci set openvpn.myvpn.server='10.8.0.0 255.255.255.0' uci set openvpn.myvpn.keepalive='10 120' uci set openvpn.myvpn.ca=/etc/openvpn/ca.crt uci set openvpn.myvpn.cert=/etc/openvpn/my-server.crt uci set openvpn.myvpn.key=/etc/openvpn/my-server.key uci set openvpn.myvpn.dh=/etc/openvpn/dh2048.pem uci commit openvpn OpenVPN client configuration on router R1 uci import openvpn < /dev/null uci set openvpn.myvpn=openvpn uci set openvpn.myvpn.enabled=1 uci set openvpn.myvpn.dev=tun uci set openvpn.myvpn.proto=udp uci set openvpn.myvpn.verb=3 uci set openvpn.myvpn.ca=/etc/openvpn/ca.crt uci set openvpn.myvpn.cert=/etc/openvpn/my-client.crt uci set openvpn.myvpn.key=/etc/openvpn/my-client.key uci set openvpn.myvpn.client=1 uci set openvpn.myvpn.remote_cert_tls=server uci set openvpn.myvpn.remote="SERVER_IP_ADDRESS 1194" uci commit openvpn This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.OKMore information about cookies Last modified: 2020/12/02 03:41by vgaetera