openwrt - Openvpn

/etc/config/openvpn

firewall:

config 'rule'
        option 'target' 'ACCEPT'
        option 'dest_port' '1194'
        option 'src' 'wan'
        option 'proto' 'tcpudp'
        option 'family' 'ipv4'

config 'openvpn' 'lan'
        option 'enable' '1'
        option 'port' '1194'
        option 'proto' 'udp'
        option 'dev' 'tap0'
        option 'ca' '/etc/openvpn/ca.crt'
        option 'cert' '/etc/openvpn/server.crt'
        option 'key' '/etc/openvpn/server.key'
        option 'dh' '/etc/openvpn/dh1024.pem'
        option 'ifconfig_pool_persist' '/tmp/ipp.txt'
        option 'keepalive' '10 120'
        option 'comp_lzo' '1'
        option 'persist_key' '1'
        option 'persist_tun' '1'
        option 'status' '/tmp/openvpn-status.log'
        option 'verb' '3'
        option 'server_bridge' '192.168.1.1 255.255.255.0 192.168.1.200 192.168.1.219

       
        192.168.1.200 -> 192.168.1.219 For Client

 


 

Client Mode:

 

/etc/config/openvpn

config openvpn vpn_client
    option enabled 1
    option client 1                          <---- pulling configure from server
    option dev tap
    option proto udp
    list remote "my_server_1 1194"
    option remote_random 0
    option resolv_retry infinite
    option nobind 1
    option persist_key 1
    option persist_tun 1
   
    option ca /etc/openvpn/ca.crt
    option cert /etc/openvpn/client.crt
    option key /etc/openvpn/client.key
    option tls_auth "/etc/openvpn/ta.key 1"
    option cipher DES-CFB

    option comp_lzo 1
    option verb 3
    option mute 20

 


 

Startup:

openvpn /etc/config/openvpn &