This shows you the differences between two versions of the page.
edgerouter:openvpn-roadwarrior [2017/09/18 15:28] – created brielle | edgerouter:openvpn-roadwarrior [2017/09/18 15:35] – brielle | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== EdgeRouter + OpenVPN Road Warrior Example ====== | ====== EdgeRouter + OpenVPN Road Warrior Example ====== | ||
+ | ===== Generate Certificates With EasyRSA 3 ===== | ||
+ | You'll need to generate server, client, and DH certificates using the instructions [[https:// | ||
+ | |||
+ | Once you do that, copy the server certs (ca.crt, server.crt, dh.pem, and server.key) to: | ||
+ | |||
+ | < | ||
+ | |||
+ | On the EdgeRouter. | ||
+ | |||
+ | Also generate some client certs either now or later. | ||
+ | |||
+ | ===== EdgeRouter Configuration ===== | ||
On the EdgeRouter, make changes where appropriate... | On the EdgeRouter, make changes where appropriate... | ||
< | < | ||
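Review bot: The added copy step calls "ca.crt, server.crt, dh.pem, and server.key" the "server certs", and the line before it speaks of "DH certificates", but dh.pem holds Diffie-Hellman parameters and server.key is the server's private key. Suggest naming them as such, and adding a sentence that server.key should be readable only by root on the router and that the CA private key stays on the machine where EasyRSA was run rather than being copied over with the rest. The fragment "On the EdgeRouter." would also read better folded into the sentence that introduces the destination path.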
Line 20: | Line 32: | ||
set interfaces openvpn vtun0 tls dh-file / | set interfaces openvpn vtun0 tls dh-file / | ||
set interfaces openvpn vtun0 tls key-file / | set interfaces openvpn vtun0 tls key-file / | ||
+ | </ | ||
+ | |||
+ | ===== OpenVPN .ovpn Config File For Clients ===== | ||
+ | < | ||
+ | client | ||
+ | tls-client | ||
+ | remote remote.hostname.here | ||
+ | port xxxx | ||
+ | proto udp | ||
+ | dev tun | ||
+ | pull | ||
+ | cipher AES-128-CBC | ||
+ | auth SHA256 | ||
+ | fragment 1400 | ||
+ | mssfix | ||
+ | float | ||
+ | <ca> | ||
+ | ca certificate file contents here | ||
+ | </ca> | ||
+ | < | ||
+ | pem certificate file contents here | ||
+ | </ | ||
+ | <key> | ||
+ | pem key file contents here | ||
+ | </ | ||
</ | </ |
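Review bot: The added client config has no `remote-cert-tls server` line, so a client using it will accept any certificate signed by the CA as the server, including another client's certificate. Suggest adding it right after `tls-client`. `cipher AES-128-CBC`, `auth SHA256` and `fragment 1400` each have to agree with the server side, and the only server lines visible in this hunk are the dh-file and key-file settings, so a short note that these values mirror the vtun0 configuration would help. Because the `<key>` block embeds the client's private key, the section should also say that the resulting .ovpn file has to be handled as a secret, one file per client.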