Brocade Communications Systems 5600 Reference Manual page 25

OpenVPN

Brocade 5600 vRouter OpenVPN Reference Guide 53-1003719-03

TABLE 7 V1 OpenVPN configuration: client-server with TLS (server)

| Step | Command |
|---|---|
| Create the vtun0 configuration node. | vyatta@V1# set interfaces openvpn vtun0 |
| Set the OpenVPN mode. | vyatta@V1# set interfaces openvpn vtun0 mode server |
| Set the subnet for the OpenVPN tunnel. | vyatta@V1# set interfaces openvpn vtun0 server subnet 192.168.200.0/24 |
| Specify the location of the CA certificate file. | vyatta@V1# set interfaces openvpn vtun0 tls ca-cert-file /config/auth/ca.crt |
| Specify the location of the host certificate file. | vyatta@V1# set interfaces openvpn vtun0 tls cert-file /config/auth/V1.crt |
| Specify the location of the CRL parameters file. | vyatta@V1# set interfaces openvpn vtun0 tls crl-file /config/auth/crl.pem |
| Specify the location of the DH file. | vyatta@V1# set interfaces openvpn vtun0 tls dh-file /config/auth/dh1024.pem |
| Specify the location of the host key file. | vyatta@V1# set interfaces openvpn vtun0 tls key-file /config/auth/V1.key |
| Commit the change. | vyatta@V1# commit |
| Show the OpenVPN configuration. | vyatta@V1# show interfaces openvpn vtun0 |

Output of the show command:

    mode server
    server {
        subnet 192.168.200.0/24
    }
    tls {
        ca-cert-file /config/auth/ca.crt
        cert-file /config/auth/V1.crt
        crl-file /config/auth/crl.pem
        dh-file /config/auth/dh1024.pem
        key-file /config/auth/V1.key
    }

To configure V2 for client-server with TLS, perform the following steps in configuration mode. This example has the following characteristics.
• V2 is in client mode, so it must actively contact the server; therefore, the remote-host option is needed to indicate the location of the server.
• When the tunnel is established, the tunnel IP address of V2 (that is, the address of vtun0 on V2) is assigned by V1 from the 192.168.200.0/24 subnet.

TABLE 8 V2 OpenVPN configuration: client-server with TLS (client)

| Step | Command |
|---|---|
| Create the vtun0 configuration node. | vyatta@V2# set interfaces openvpn vtun0 |
| Set the OpenVPN mode. | vyatta@V2# set interfaces openvpn vtun0 mode client |
| Specify the physical IP address of the remote host. | vyatta@V2# set interfaces openvpn vtun0 remote-host 12.34.56.78 |
| Specify the location of the CA certificate file. | vyatta@V2# set interfaces openvpn vtun0 tls ca-cert-file /config/auth/ca.crt |
| Specify the location of the host certificate file. | vyatta@V2# set interfaces openvpn vtun0 tls cert-file /config/auth/V2.crt |
| Specify the location of the host key file. | vyatta@V2# set interfaces openvpn vtun0 tls key-file /config/auth/V2.key |
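
The following is an added example, not part of the Brocade guide: a Python check that parses a "show interfaces openvpn vtun0" block and compares it with the options Tables 7 and 8 set for server and client mode. The names REQUIRED, AUTH_DIR, parse_block and audit, and the rule that TLS files live under /config/auth/, are assumptions of this example drawn from the tables above.

```python
# Added example: audit a Vyatta-style "show interfaces openvpn vtunN" block.
# REQUIRED mirrors the options set in Tables 7 and 8 (an assumption of this
# example, not a list of everything the vRouter itself enforces).
REQUIRED = {
    "server": {"server.subnet", "tls.ca-cert-file", "tls.cert-file",
               "tls.dh-file", "tls.key-file"},
    "client": {"remote-host", "tls.ca-cert-file", "tls.cert-file",
               "tls.key-file"},
}
AUTH_DIR = "/config/auth/"  # directory used for every TLS file on this page

def parse_block(text):
    """Flatten brace-delimited config into {'tls.key-file': '/config/...'}."""
    flat, path = {}, []
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.endswith("{"):
            path.append(line[:-1].strip())       # enter a nested node
        elif line == "}":
            if not path:
                raise ValueError("unbalanced '}'")
            path.pop()                           # leave the nested node
        else:
            key, _, value = line.partition(" ")
            flat[".".join(path + [key])] = value.strip()
    if path:
        raise ValueError("unclosed block: " + path[-1])
    return flat

def audit(text):
    """Return sorted findings; an empty list means the block matches the tables."""
    cfg = parse_block(text)
    mode = cfg.get("mode")
    if mode not in REQUIRED:
        return ["mode %r is not covered by this audit" % mode]
    findings = ["missing " + k for k in REQUIRED[mode] - set(cfg)]
    if mode == "server" and "tls.crl-file" not in cfg:
        findings.append("no tls.crl-file: revoked certificates are not rejected")
    for key, value in cfg.items():
        if key.startswith("tls.") and not value.startswith(AUTH_DIR):
            findings.append("%s is outside %s: %s" % (key, AUTH_DIR, value))
    return sorted(findings)

# V1_SHOW reproduces the Table 7 show output, with crl-file as set in the table.
V1_SHOW = ("mode server\nserver {\n    subnet 192.168.200.0/24\n}\ntls {\n"
           "    ca-cert-file /config/auth/ca.crt\n    cert-file /config/auth/V1.crt\n"
           "    crl-file /config/auth/crl.pem\n    dh-file /config/auth/dh1024.pem\n"
           "    key-file /config/auth/V1.key\n}\n")
if __name__ == "__main__":
    print(audit(V1_SHOW))
```

An empty result means the block carries every option the matching table sets; it says nothing about the contents of the certificate, key, CRL or DH files themselves.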
OpenVPN Configuration