Brocade Communications Systems 5600 Reference Manual page 23

Openvpn

TABLE 5 V1 OpenVPN configuration: site-to-site with TLS (Continued)

Step: Specify the location of the CRL parameters file.
Command: vyatta@V1# set interfaces openvpn vtun0 tls crl-file /config/auth/crl.pem

Step: Specify the location of the DH file.
Command: vyatta@V1# set interfaces openvpn vtun0 tls dh-file /config/auth/dh1024.pem

Step: Specify the location of the host key file.
Command: vyatta@V1# set interfaces openvpn vtun0 tls key-file /config/auth/V1.key

Step: Commit the change.
Command: vyatta@V1# commit

Step: Show the OpenVPN configuration.
Command: vyatta@V1# show interfaces openvpn vtun0
    local-address 192.168.200.1
    mode site-to-site
    remote-address 192.168.200.2
    remote-host 87.65.43.21
    tls {
        role passive
        ca-cert-file /config/auth/ca.crt
        cert-file /config/auth/V1.crt
        crl-file /config/auth/crl.pem
        dh-file /config/auth/dh1024.pem
        key-file /config/auth/V1.key
    }

Note that the configuration is the same as in the previous section except that the shared-secret-key-file option has been replaced by tls options. The V1 endpoint takes the passive role, so the dh-file option is required. The crl-file option is also specified in this example.

To configure V2 for a site-to-site VPN with TLS, perform the following steps in configuration mode.

TABLE 6 V2 OpenVPN configuration: site-to-site with TLS

Step: Create the vtun0 configuration node.
Command: vyatta@V2# set interfaces openvpn vtun0

Step: Set the local IP address of the VPN tunnel.
Command: vyatta@V2# set interfaces openvpn vtun0 local-address 192.168.200.2

Step: Set the OpenVPN mode.
Command: vyatta@V2# set interfaces openvpn vtun0 mode site-to-site

Step: Set the remote IP address of the VPN tunnel.
Command: vyatta@V2# set interfaces openvpn vtun0 remote-address 192.168.200.1

Step: Specify the physical IP address of the remote host.
Command: vyatta@V2# set interfaces openvpn vtun0 remote-host 12.34.56.78

Step: Set the role of this endpoint.
Command: vyatta@V2# set interfaces openvpn vtun0 tls role active

Step: Specify the location of the CA certificate file.
Command: vyatta@V2# set interfaces openvpn vtun0 tls ca-cert-file /config/auth/ca.crt

Step: Specify the location of the host certificate file.
Command: vyatta@V2# set interfaces openvpn vtun0 tls cert-file /config/auth/V2.crt

Step: Specify the location of the host key file.
Command: vyatta@V2# set interfaces openvpn vtun0 tls key-file /config/auth/V2.key

Step: Commit the change.
Command: vyatta@V2# commit

Brocade 5600 vRouter OpenVPN Reference Guide
53-1003719-03
OpenVPN Configuration
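
The two endpoint configurations on this page have to agree with each other: the passive endpoint needs a dh-file, each endpoint names a CA certificate, host certificate and host key, and the tunnel addresses are mirrored. The following Python check is an added example, not part of the Brocade guide; parse and check_pair are hypothetical helper names, the V2 text is constructed from the Table 6 commands, and the one-active/one-passive rule is an assumption read off the page's example.

```python
# Constructed input from the values in Tables 5 and 6 (V2 rendered as `show` would print it).
V1 = """local-address 192.168.200.1
mode site-to-site
remote-address 192.168.200.2
remote-host 87.65.43.21
tls {
    role passive
    ca-cert-file /config/auth/ca.crt
    cert-file /config/auth/V1.crt
    crl-file /config/auth/crl.pem
    dh-file /config/auth/dh1024.pem
    key-file /config/auth/V1.key
}"""
V2 = """local-address 192.168.200.2
mode site-to-site
remote-address 192.168.200.1
remote-host 12.34.56.78
tls {
    role active
    ca-cert-file /config/auth/ca.crt
    cert-file /config/auth/V2.crt
    key-file /config/auth/V2.key
}"""

def parse(text):  # flatten a vtun0 block into {"mode": ..., "tls role": ...}
    cfg, prefix = {}, ""
    for line in map(str.strip, text.splitlines()):
        key, _, value = line.partition(" ")
        if value == "{":            # start of a nested node such as "tls {"
            prefix = key + " "
        elif key == "}":            # end of the nested node
            prefix = ""
        elif key:
            cfg[prefix + key] = value.strip()
    return cfg

def check_pair(a, b, names=("V1", "V2")):  # list of problems, empty if consistent
    problems = []
    for name, cfg in zip(names, (a, b)):
        problems += [f"{name}: missing tls {k}" for k in
                     ("ca-cert-file", "cert-file", "key-file") if f"tls {k}" not in cfg]
        if cfg.get("tls role") == "passive" and "tls dh-file" not in cfg:
            problems.append(f"{name}: passive role requires tls dh-file")
    # Assumption drawn from the page's example: one endpoint passive, the other active.
    if {a.get("tls role"), b.get("tls role")} != {"active", "passive"}:
        problems.append("tls roles must be one active and one passive")
    ends = lambda c: (c.get("local-address"), c.get("remote-address"))
    if ends(a) != ends(b)[::-1]:
        problems.append("tunnel addresses are not mirrored")
    return problems
```

Calling check_pair(parse(V1), parse(V2)) on the page's values returns an empty list; removing dh-file from the passive side or giving both sides the same role produces a named problem.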