31,703
edits
Changes
OpenVPN configuration examples (view source)
Revision as of 12:03, 9 March 2018
, 12:03, 9 March 2018no edit summary
* Type
* Type
** TUN (tunnel) - simulates a network layer device and it operates with layer 3 packets like IP packets. TUN is used for routing and connecting multiple clients to a single server.
** TUN (tunnel) - simulates a network layer device and it operates with layer 3 packets like IP packets. TUN is used for routing and connecting multiple clients to a single server.
** TAP (bridged) - simulates a link layer device and it operates with layer 2 packets like Ethernet frames. TAP is used for creating a network bridge between '''two'' Ethernet segments in different locations.
** TAP (bridged) - simulates a link layer device and it operates with layer 2 packets like Ethernet frames. TAP is used for creating a network bridge between '''two''' Ethernet segments in different locations.
* Protocol
* Protocol
==TAP (bridged) OpenVPN==
==TAP (bridged) OpenVPN==
File:Openvpn tap example.png
This section provides a guide on how to configure a successful OpenVPN TAP (bridged) connection between an OpenVPN Client and Server on RUT routers.
===Configuration===
----
TAP is used for creating a network bridge between two Ethernet segments in different locations. For this example we will be creating a TAP (bridged) type connection that uses the UDP protocol for data transfer and TLS for Authentication. We will be using two RUT routers: '''RUT1''' ('''Server'''; LAN IP: '''192.168.1.1'''; WAN (Public static) IP: '''193.186.223.42''') and '''RUT2''' ('''Client'''; LAN IP: '''192.168.1.2'''); the two routers will be connected via OpenVPN.
[[File:Openvpn tap example.png]]
To sum up, just make sure the Server and the Clients use the same parameters (same authentication, same port, same protocol, etc.). The most important aspect of a TAP configuration is that it just bridges two network segments and '''doesn't create a different virtual network'''. Therefore, as in the example provided above, the routers should be be in the '''same subnet''' (192.168.1.0 in this case). While making sure of that, don't forget that the routers can't have the same IP address, just the same subnet (for example, if both routers have the LAN IP 192.168.1.1, the connection won't work; if one has, for example, 192.168.1.1 and the other 192.168.1.2, then the connection will work).
For this example we used TLS Authentication. If you want to use a different Authentication method, refer to the other relevant sections of this article. The authentication configuration will not be different because of the OpenVPN type (TUN or TAP).
From the Client side, make sure to enter the correct '''Remote host/IP address''' (193.186.223.42 in this case). This is the Server's Public IP address, not the LAN IP address.
