Brocade Communications Systems 5600 Reference Manual page 36

OpenVPN Configuration
In the preceding example, the V1 server can be configured with the client settings specific to the V2
client as follows (note that a static interface route is also needed for the subnet of the V2 client).
To configure this scenario, perform the following steps in configuration mode.
TABLE 13 V1 OpenVPN configuration: site-to-site with preshared secret
Step
Create the vtun0 configuration node.
Enter configuration commands.
Create the server configuration node.
Enter configuration commands.
Create the V2 client configuration node.
Specify the IP address of the client.
Specify the subnet at the server that the client can access.
Set the subnet at the client.
Enter configuration commands.
Commit the change.
Show the OpenVPN configuration.
To configure the static interface route to access the remote subnet through the OpenVPN tunnel,
perform the following steps in configuration mode.
TABLE 14 V1 static interface route configuration
Step
Create the static interface route to access the remote subnet
through the OpenVPN tunnel.
Commit the change.
Show the static routing configuration.
36
Command
vyatta@V1# set interfaces openvpn vtun0
...
vyatta@V1# set interfaces openvpn vtun0 server
...
vyatta@V1# set interfaces openvpn vtun0 server client V2
vyatta@V1# set interfaces openvpn vtun0 server client V2
ip 192.168.200.100
vyatta@V1# set interfaces openvpn vtun0 server client V2
push-route 192.168.300.0/24
vyatta@V1# set interfaces openvpn vtun0 server client V2
subnet 192.168.100.0/24
...
vyatta@V1# commit
vyatta@V1# show interfaces openvpn vtun0
...
server {
...
client V2 {
ip 192.168.200.100
push-route 192.168.300.0/24
subnet 192.168.100.0/24
}
...
}
...
Command
vyatta@V1# set protocols static interface-route
192.168.100.0/24 next-hop-interface vtun0
vyatta@V1# commit
vyatta@V1# show protocols static
interface-route 192.168.100.0/24 {
next-hop-interface vtun0 {
}
}
Brocade 5600 vRouter OpenVPN Reference Guide
53-1003719-03