Multiple Remote Endpoints (Client Only) - Brocade Communications Systems 5600 Reference Manual

Openvpn

Hide thumbs Also See for 5600:

Configuration manual (187 pages)

Reference manual (96 pages)

Quick start manual (48 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

page of 124

/ 124
Contents
Table of Contents
Bookmarks

Table of Contents

}

• device-type tap: This argument tells OpenVPN that the tunnel is to be used as a tap device and

operate on Layer 2 traffic. This configuration is required on both ends of the OpenVPN tunnel.

Site-to-site configuration

For site-to-site configurations, in addition to configuring the interface as tap device, you must also

indicate the subnet mask for the local address that is specified. To configure an OpenVPN site-to-site

interface as a tap device, use the configuration shown in the following example.

Configuration options related to tap devices for site-to-site interfaces

interfaces {

}

• device-type tap: This argument tells OpenVPN that the tunnel is to be used as a tap device and

operate on Layer 2 traffic. This configuration is required on both ends of the OpenVPN tunnel.

• local-address: This argument is the IP address at the local end of the OpenVPN tunnel.

• subnet-mask: This argument is the subnet mask for local-address (for example, 255.255.255.0).

Multiple remote endpoints (client only)

In client-server mode, the remote-host argument must be specified on the client endpoints so that the

clients can initiate the VPN sessions. In some environments, the administrator may want the clients to

have a list of servers to provide some redundancy— if one of the servers fails, a client can try the next

one. In the Brocade vRouter, this server list can be configured by specifying multiple remote-host

entries.

To configure multiple endpoints on V2, perform the following steps in configuration mode.

TABLE 12

V2 OpenVPN multiple endpoints configuration

Step

Create the vtun0 configuration node.

Enter configuration commands.

Specify the physical IP address of the first remote host.

Specify the physical IP address of the second remote host.

Specify the physical IP address of the third remote host.

Set the firewall rule for inbound traffic on the vtun0 interface.

Enter configuration commands.

Brocade 5600 vRouter OpenVPN Reference Guide

53-1003719-03

tap

}

openvpn if_name{

device-type

tap

local-address ipv4 {

subnet-mask mask

}

Command

vyatta@V2# set interfaces openvpn vtun0

...

vyatta@V2# set interfaces openvpn vtun0 remote-host

12.34.56.78

vyatta@V2# set interfaces openvpn vtun0 remote-host

12.34.56.79

vyatta@V2# set interfaces openvpn vtun0 remote-host

12.34.56.80

vyatta@V2# set interfaces openvpn vtun0 firewall in name

rules-in

...

Site-to-site configuration

Table of Contents

Multiple Remote Endpoints (Client Only) - Brocade Communications Systems 5600 Reference Manual

Multiple remote endpoints (client only)

Related Manuals for Brocade Communications Systems 5600

Related Content for Brocade Communications Systems 5600

Table of Contents