DA-710 Series Linux
Managing Communications
3-30
2.
On machine OpenVPN A, modify the remote address in configuration file
/etc/openvpn/tun.conf
.
# point to the peer
remote 192.168.8.174
dev tun
secret /etc/openvpn/secrouter.key
cipher DES-EDE3-CBC
auth MD5
tun-mtu 1500
tun-mtu-extra 64
ping 40
ifconfig 192.168.2.173 192.168.4.174
up /etc/openvpn/tun.sh
3.
Next, modify the routing table in script file
/etc/openvpn/tun.sh
.
#---------------------------Start----------------------------
#!/bin/sh
# value after “-net” is the subnet behind the remote peer
route add -net 192.168.2.0 netmask 255.255.255.0 gw $5
#----------------------------end-----------------------------
4.
On machine OpenVPN B, modify the remote address in configuration file
/etc/openvpn/tun.conf
.
# point to the peer
remote 192.168.8.173
dev tun
secret /etc/openvpn/secrouter.key
cipher DES-EDE3-CBC
auth MD5
tun-mtu 1500
tun-mtu-extra 64
ping 40
ifconfig 192.168.4.174 192.168.2.173
up /etc/openvpn/tun.sh
And then modify the routing table in script file
/etc/openvpn/tun.sh
.
#--------------------------Start----------------------------
#!/bin/sh
# value after “-net” is the subnet behind the remote peer
route add -net 192.168.2.0 netmask 255.255.255.0 gw $5
#---------------------------end-----------------------------
The first argument of parameter
ifconfig
is the local internal interface and the second argument is the
internal interface at the remote peer.
$5
is the argument that the OpenVPN program passes to the script file. Its value is the second argument of
ifconfig
in the configuration file.
5.
Check the routing table after you run the OpenVPN programs, by typing the command
# route
.
Destination
Gateway
Genmsk
Flags Metric Ref Use Iface
192.168.4.174 *
255.255.255.255 UH
0
0 0 tun0
192.168.4.0
192.168.4.174 255.255.255.0 UG
0
0 0 tun0
192.168.2.0
*
255.255.255.0 U
0
0 0 eth1
192.168.8.0
*
255.255.255.0 U
0
0 0 eth0