Differences

This shows you the differences between two versions of the page.

--- edgerouter:openvpn-roadwarrior [2017/09/18 15:30] – brielle
+++ edgerouter:openvpn-roadwarrior [2017/09/18 15:38] – [EdgeRouter Configuration] brielle
@@ Line 1: / Line 1: @@
 ====== EdgeRouter + OpenVPN Road Warrior Example ======
-On the EdgeRouter, make changes where appropriate...
+===== Generate Certificates With EasyRSA 3 =====
+You'll need to generate server, client, and DH certificates using the instructions [[https://community.openvpn.net/openvpn/wiki/EasyRSA3-OpenVPN-Howto|here]].
+Once you do that, copy the server certs (ca.crt, server.crt, dh.pem, and server.key) to:
+<code>/config/auth/openvpn/</code>
+On the EdgeRouter.
+Also generate some client certs either now or later.  You'll need them to put the contents inside of the client ovpn file.
+===== EdgeRouter Configuration =====
+On the EdgeRouter, make changes where appropriate.  Subnet 192.168.0.0/24 should be whatever your LAN subnet behind the EdgeRouter is.  If your subnet is one of the common ones that is by default (like 192.168.0.0/24), there's a good chance your clients may have issues if their LAN also matches yours.
+You can use NETMAP rules to avoid having to change your LAN addressing scheme.
 <code>set interfaces openvpn vtun0 firewall in name OpenVPN-Mobile
 set interfaces openvpn vtun0 local-host xx.xx.xx.xx
@@ Line 15: / Line 30: @@
 set interfaces openvpn vtun0 server max-connections 10
 set interfaces openvpn vtun0 server push-route 10.10.10.0/24
+set interfaces openvpn vtun0 server push-route 192.168.0.0/24
 set interfaces openvpn vtun0 server subnet 10.10.10.0/24
 set interfaces openvpn vtun0 tls ca-cert-file /config/auth/openvpn/ca.crt
@@ Line 22: / Line 38: @@
 </code>
-Example client config file...
+===== OpenVPN .ovpn Config File For Clients =====
 <code>
 client

The Summit Open Source Development Group

User Tools

Site Tools

Differences

Page Tools