User's manual
IA260-261-262 EM-2260 LX User’s Manual  Managing Communications 
3.  Create a configuration file named A-tap0-br.conf and an executable script file named 
A-tap0-br.sh on OpenVPN A. 
# point to the peer 
remote 192.168.8.174 
dev tap0 
secret /etc/openvpn/secrouter.key 
cipher DES-EDE3-CBC 
auth MD5 
tun-mtu 1500 
tun-mtu-extra 64 
ping 40 
up /etc/openvpn/A-tap0-br.sh 
#----------------------------------Start------------------------------ 
#!/bin/sh 
# value after "-net" is the subnet behind the remote peer 
route add -net 192.168.4.0 netmask 255.255.255.0 dev br0 
#---------------------------------- end ------------------------------ 
Create a configuration file named B-tap0-br.conf and an executable script file named 
B-tap0-br.sh on OpenVPN B. 
# point to the peer 
remote 192.168.8.173 
dev tap0 
secret /etc/openvpn/secrouter.key 
cipher DES-EDE3-CBC 
auth MD5 
tun-mtu 1500 
tun-mtu-extra 64 
ping 40 
up /etc/openvpn/B-tap0-br.sh 
#---------------------------------- Start---------------------------- 
#!/bin/sh 
# value after "-net" is the subnet behind the remote peer 
route add -net 192.168.2.0 netmask 255.255.255.0 dev br0 
#---------------------------------- end ----------------------------- 
Note: Select cipher and authentication algorithms by specifying “cipher” and “auth”. To see 
which algorithms are available, type: 
# openvpn --show-ciphers 
4.  Start both OpenVPN peers: 
# openvpn --config A-tap0-br.conf& 
# openvpn --config B-tap0-br.conf& 
If you see the line “Peer Connection Initiated with 192.168.8.173:5000” on each machine, the 
connection between the OpenVPN machines has been established successfully on UDP port 5000. 
5.  On each OpenVPN machine, check the routing table by typing the command: 
# route 
Destination  Gateway  Genmask        Flags  Metric  Ref  Use  Iface 
192.168.4.0  *        255.255.255.0  U      0       0    0    br0 
192.168.2.0  *        255.255.255.0  U      0       0    0    br0 
192.168.8.0  *        255.255.255.0  U      0       0    0    eth0 
Interface eth1 is connected to the bridging interface br0, to which device tap0 is also 
connected, while the virtual device tun sits on top of tap0. As a result, all traffic from the 
internal networks attached to interface eth1 that reaches this bridge is written to the TAP/TUN 
device that the OpenVPN program monitors. When the OpenVPN program detects traffic on the 
virtual device, it sends that traffic to its peer. 
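
The note in step 3 leaves the choice of "cipher" and "auth" open, and the sample files pair DES-EDE3-CBC (a 64-bit block cipher) with MD5 around a single shared key file. The script below is an added example, not part of the manual: it flags those settings and a key file that is readable by group or others; the function names and the suggested AES-256-CBC / SHA256 values are assumptions to confirm against the output of openvpn --show-ciphers and openvpn --show-digests on the device.

```sh
#!/bin/sh
# Added example, not from the manual: audit a static-key OpenVPN config.

# Print the last value given for directive $1 in config file $2. Commented-out
# lines are skipped because their first field is not the bare keyword.
directive() {
    awk -v key="$1" '$1 == key { val = $2 } END { print val }' "$2"
}

# Print one finding per line; return 1 if anything was flagged, else 0.
audit_openvpn_conf() {
    conf=$1
    flagged=0
    cipher=$(directive cipher "$conf" | tr 'a-z' 'A-Z')
    auth=$(directive auth "$conf" | tr 'a-z' 'A-Z')
    secret=$(directive secret "$conf")

    case $cipher in
        "")   echo "cipher not set: the build default applies, set it explicitly"; flagged=1 ;;
        NONE) echo "cipher none: tunnel traffic is not encrypted"; flagged=1 ;;
        DES*|BF-*|CAST5-*|RC2-*|IDEA-*)
              echo "cipher $cipher: 64-bit block cipher, prefer AES-256-CBC"; flagged=1 ;;
    esac
    case $auth in
        "")   echo "auth not set: the build default applies, set it explicitly"; flagged=1 ;;
        NONE) echo "auth none: packets are not authenticated"; flagged=1 ;;
        MD4|MD5) echo "auth $auth: deprecated digest, prefer SHA256"; flagged=1 ;;
    esac
    # The static key is the tunnel's only secret: owner-only access is expected.
    if [ -n "$secret" ] && [ -f "$secret" ]; then
        perms=$(ls -ld "$secret" | cut -c5-10)   # group and other permission bits
        if [ "$perms" != "------" ]; then
            echo "secret $secret: group/other access ($perms), chmod 600 it"; flagged=1
        fi
    fi
    return $flagged
}

# Constructed sample holding the directives from A-tap0-br.conf in step 3.
sample=$(mktemp)
printf 'secret /etc/openvpn/secrouter.key\ncipher DES-EDE3-CBC\nauth MD5\n' > "$sample"
audit_openvpn_conf "$sample" || true
rm -f "$sample"
```

Static-key mode does not accept AEAD ciphers such as AES-256-GCM, which is why the suggested replacement is a CBC cipher paired with an HMAC digest. Both peers must be changed to the same cipher and auth values before the tunnel is restarted.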