489
edits
Changes
OpenVPN configuration examples RUT R 00.07 (view source)
Revision as of 15:05, 13 May 2022
, 15:05, 13 May 2022no edit summary
[[File:Networking rut configuration openvpn instances static v1.png|alt=|border|class=tlt-border||1547x1547px]]
[[File:Networking rut configuration openvpn instances static v1.png|alt=|border|class=tlt-border||1547x1547px]]
To sum up, just make sure the Server and the Clients use the same parameters (same authentication, same port, same protocol, etc.). Other important aspects are the '''Local tunnel endpoint IP''' and the '''Remote tunnel endpoint IP'''. Take note these two particular parameter values are reversed for the individual Client and the Server configurations since these values represent opposite things depending on the instance's perspective.
From the Client side, make sure to enter the correct '''Remote host/IP address''' (213.226.191.61 in this case). This is the Server's Public IP address, not the virtual IP address.
==TAP (bridged) OpenVPN==
This section provides a guide on how to configure a successful OpenVPN TAP (bridged) connection between an OpenVPN Client and Server on RUT routers.
===Configuration===
----
TAP is used for creating a network bridge between Ethernet segments in different locations. For this example we will be creating a TAP (bridged) type connection that uses the UDP protocol for data transfer and TLS for Authentication. We will be using two RUT routers: '''RUT1''' ('''Server'''; LAN IP: '''192.168.1.1'''; WAN (Public static) IP: '''213.226.191.61''') and '''RUT2''' ('''Client'''; LAN IP: '''192.168.1.2'''); the two routers will be connected via OpenVPN.
[[File:Networking rut configuration openvpn tap configuration v1.png|alt=|border|class=tlt-border||1547x1547px]]
To sum up, just make sure the Server and the Clients use the same parameters (same authentication, same port, same protocol, etc.). Since the OpenVPN interface that comes up is bridged with the LAN interface, make sure the routers are in the '''same subnet''' (192.168.1.0 in this case). While making sure of that, don't forget that the routers can't have the same IP address, just the same subnet (for example, if both routers have the LAN IP 192.168.1.1, the connection won't work; if one has, for example, 192.168.1.1 and the other 192.168.1.100, then the connection will work).
For this example we used TLS Authentication. If you want to use a different Authentication method, refer to the relevant section of this article. The authentication configuration will not be different because of the chosen OpenVPN type (TUN or TAP).
From the Client side, make sure to enter the correct '''Remote host/IP address''' (213.226.191.61 in this case). This is the Server's Public IP address, not the LAN IP address.
==Testing an OpenVPN connection==
The most important thing after configuration is making sure that the newly established connection works. You can check the status of an OpenVPN connection in the '''Status → Network → OpenVPN''' page:
'''Server side'''
[[File:Networking rutxxx configuration openvpn server v1.png|alt=|border|class=tlt-border]]
'''Client side'''
[[File:Networking rut configuration openvpn client v1.png|alt=|border|class=tlt-border]]
