Brocade Communications Systems 5600 Reference Manual page 21

Openvpn

TABLE 2
Site-to-site OpenVPN with preshared secret: V1 static route (Continued)

Step: Commit the change.
Command:
    vyatta@V1# commit

Step: Show the static routing configuration.
Command:
    vyatta@V1# show protocols static
     interface-route 192.168.101.0/24 {
         next-hop-interface vtun0 {
         }
     }

The V2 VPN endpoint is identical to the V1 endpoint, except that local and remote tunnel IP addresses are reversed. To configure the V2 endpoint, perform the following steps in configuration mode.

TABLE 3
Site-to-site OpenVPN with preshared secret: V2 endpoint

Step: Create the vtun0 configuration node.
Command:
    vyatta@V2# set interfaces openvpn vtun0

Step: Set the tunnel IP address for the local endpoint.
Command:
    vyatta@V2# set interfaces openvpn vtun0 local-address 192.168.200.2

Step: Set the OpenVPN mode to site-to-site.
Command:
    vyatta@V2# set interfaces openvpn vtun0 mode site-to-site

Step: Set the tunnel IP address of the remote endpoint.
Command:
    vyatta@V2# set interfaces openvpn vtun0 remote-address 192.168.200.1

Step: Specify the physical IP address of the remote host.
Command:
    vyatta@V2# set interfaces openvpn vtun0 remote-host 12.34.56.78

Step: Specify the location of the file containing the preshared secret.
Command:
    vyatta@V2# set interfaces openvpn vtun0 shared-secret-key-file /config/auth/secret

Step: Commit the change.
Command:
    vyatta@V2# commit

Step: Show the OpenVPN configuration.
Command:
    vyatta@V2# show interfaces openvpn vtun0
     local-address 192.168.200.2
     mode site-to-site
     remote-address 192.168.200.1
     remote-host 12.34.56.78
     shared-secret-key-file /config/auth/secret

Again, the shared secret file (created by generating the key with the generate openvpn key command on one system and then copying the key to the other system) must be the same on both endpoints (the path need not be the same, but the content must be). Note also that the remote-host option is required only on one of the endpoints; that is, the site-to-site tunnel can be established as long as even one endpoint has enough information to contact the other.

To configure a static route to access the remote subnet through the OpenVPN tunnel, perform the following steps in configuration mode.

TABLE 4
Site-to-site OpenVPN with preshared secret: V2 static route

Step: Create the static route to access the remote subnet through the OpenVPN tunnel.
Command:
    vyatta@V2# set protocols static interface-route 192.168.100.0/24 next-hop-interface vtun0

Step: Commit the change.
Command:
    vyatta@V2# commit

Brocade 5600 vRouter OpenVPN Reference Guide
53-1003719-03
OpenVPN Configuration
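
The consistency rules stated above for the two endpoints (mirrored tunnel addresses, identical secret content regardless of path, remote-host on at least one side) can be checked from the show output of both routers. The following is an added example, not part of the Brocade guide: the V1 output and the key bytes are constructed, and parse_show, key_digest and check_pair are hypothetical helper names.

```python
import hashlib

# Constructed sample data. V2_SHOW matches the "show interfaces openvpn vtun0"
# output on this page; V1_SHOW is assumed to be its mirror, without remote-host.
V1_SHOW = """\
local-address 192.168.200.1
mode site-to-site
remote-address 192.168.200.2
shared-secret-key-file /config/auth/secret
"""
V2_SHOW = """\
local-address 192.168.200.2
mode site-to-site
remote-address 192.168.200.1
remote-host 12.34.56.78
shared-secret-key-file /config/auth/secret
"""
SAMPLE_KEY = b"constructed placeholder, not a real OpenVPN key"

def parse_show(text):
    """Turn the 'option value' lines of the show output into a dict."""
    cfg = {}
    for line in text.splitlines():
        key, _, value = line.strip().partition(" ")
        if key:
            cfg[key] = value.strip()
    return cfg

def key_digest(key_bytes):
    """SHA-256 of the key file content, so digests are compared, not keys."""
    return hashlib.sha256(key_bytes).hexdigest()

def check_pair(a, b, key_a, key_b):
    """Return the list of mismatches between two site-to-site endpoints."""
    problems = []
    for name, cfg in (("first", a), ("second", b)):
        if cfg.get("mode") != "site-to-site":
            problems.append(f"{name}: mode is not site-to-site")
        if "shared-secret-key-file" not in cfg:
            problems.append(f"{name}: no shared-secret-key-file set")
    if (a.get("local-address") != b.get("remote-address")
            or a.get("remote-address") != b.get("local-address")):
        problems.append("tunnel addresses are not mirrored")
    if "remote-host" not in a and "remote-host" not in b:
        problems.append("neither endpoint has remote-host")
    if key_digest(key_a) != key_digest(key_b):  # the path may differ, the content may not
        problems.append("shared secret content differs")
    return problems
```

Comparing digests lets an operator confirm that both key files match without moving the secret itself between sessions a second time.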