How to set up an OpenVPN Tunnel on a VYATTA or Ubiquiti EdgeMax Router.
The main-site router (Router A) waits for the incoming connection.
Main Site Router A:
Create the OpenVPN key, copy it to a temporary directory, and change the copy's owner to vyatta so that Router B can fetch it over scp.
    generate openvpn key /config/auth/key.psk
    sudo cp /config/auth/key.psk /tmp/
    sudo chown vyatta /tmp/key.psk
    ls -l /config/auth/key.psk
    configure
Create the OpenVPN interface vtun0 with a local tunnel address and a remote tunnel address.
    set interfaces openvpn vtun0 mode site-to-site
    set interfaces openvpn vtun0 local-address 172.16.1.1
    set interfaces openvpn vtun0 remote-address 172.16.1.2
    set interfaces openvpn vtun0 local-port 10005
    set interfaces openvpn vtun0 shared-secret-key-file /config/auth/key.psk
    commit
Router B:
Copy the key from Router A to Router B and make root its owner.
    sudo scp vyatta@123.111.222.2:/tmp/key.psk /config/auth/key.psk
    sudo chown root:root /config/auth/key.psk
Now configure the "vtun0" interface. Once we commit, this router will try to connect to the main-site router.
    configure
    set interfaces openvpn vtun0 mode site-to-site
    set interfaces openvpn vtun0 local-address 172.16.1.2
    set interfaces openvpn vtun0 remote-address 172.16.1.1
    set interfaces openvpn vtun0 remote-host 123.111.222.2
    set interfaces openvpn vtun0 local-port 10005
    set interfaces openvpn vtun0 remote-port 10005
    set interfaces openvpn vtun0 shared-secret-key-file /config/auth/key.psk
    commit
    save
    exit
    show interfaces
Running show interfaces lists the new vtun0 interface.
That's all; everything is set and should be working fine. Ping from Main-Site to Site-B is flowing smoothly.
The next step is to set up routing. (I prefer the OSPF protocol.)
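The tunnel depends entirely on /config/auth/key.psk being identical and private on both routers. The script below is an added example, not part of the original post: it checks that a static key file is intact and owner-only, and prints a fingerprint to compare between Router A and Router B. The function names are hypothetical, the sample key is constructed, and GNU stat and sha256sum are assumed to be available.

```shell
#!/bin/sh
# Added example (not from the original post): validate an OpenVPN static key
# file before shared-secret-key-file points at it. Assumes GNU stat/sha256sum.

# psk_hex FILE: print the key body as one lowercase hex string.
psk_hex() {
    sed -n '/^-----BEGIN OpenVPN Static key V1-----/,/^-----END OpenVPN Static key V1-----/p' "$1" |
        grep -v '^-----' | tr -d '\r\n' | tr 'A-F' 'a-f'
}

# psk_fingerprint FILE: SHA-256 of the key body, safe to compare across routers.
psk_fingerprint() { psk_hex "$1" | sha256sum | cut -d' ' -f1; }

# check_psk FILE: return 0 only for an intact, owner-only key file.
check_psk() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || { echo "FAIL: $f is not a regular file"; return 1; }
    mode=$(stat -c '%a' "$f")
    case $mode in
        *00|0) ;;
        *) echo "FAIL: $f has mode $mode; group/other can access the key"; return 1 ;;
    esac
    grep -q '^-----BEGIN OpenVPN Static key V1-----' "$f" &&
        grep -q '^-----END OpenVPN Static key V1-----' "$f" ||
        { echo "FAIL: $f lacks the static key markers (truncated copy?)"; return 1; }
    # A 2048-bit static key is 512 hex characters (16 lines of 32).
    psk_hex "$f" | grep -Eq '^[0-9a-f]{512}$' ||
        { echo "FAIL: $f key body is not 512 hex characters"; return 1; }
    echo "OK: $f sha256=$(psk_fingerprint "$f")"
}

# make_sample_key FILE: write a CONSTRUCTED key (fixed pattern, not a secret).
make_sample_key() {
    {
        printf '#\n# 2048 bit OpenVPN static key\n#\n'
        echo '-----BEGIN OpenVPN Static key V1-----'
        i=0
        while [ "$i" -lt 16 ]; do echo '0123456789abcdef0123456789abcdef'; i=$((i + 1)); done
        echo '-----END OpenVPN Static key V1-----'
    } > "$1"
    chmod 600 "$1"
}

# Check the file given as $1, or a constructed sample when run without one.
key=${1:-}
[ -n "$key" ] || { key=$(mktemp) && make_sample_key "$key"; }
check_psk "$key"
```

Run it with /config/auth/key.psk as the argument on each router. Once both report the same fingerprint, the temporary copy in /tmp on Router A has served its purpose and can be deleted.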
Source: http://saevolgo.blogspot.ch/2012/06/openvpn-with-vyatta-site-behind-nat.html