OpenVPN: Connect your LANs over the Internet

Bridged static setup

by ross at 11:52:42 on June 2, 2017

In this example the server and client LANs use the same network address range (192.168.10.0/24). bge0 is the name of the internal network interface on both of them.

Server

/usr/local/etc/openvpn/openvpn_officelan.conf:

port 1194
dev tap0 # use unique tapN for every config
up openvpn_officelan.up.sh
down openvpn_officelan.down.sh
secret openvpn_officelan.key
cipher AES-256-CBC
script-security 2 # needed to execute .sh scripts

/usr/local/etc/openvpn/openvpn_officelan.up.sh:

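#!/bin/sh
# OpenVPN passes the tap device name as the first argument ($1).

# Create the bridge the first time any tunnel comes up.
if ! /sbin/ifconfig bridge0 > /dev/null 2>&1; then
    /sbin/ifconfig bridge0 create
    # Replace bge0 with your LAN interface:
    /sbin/ifconfig bridge0 addm bge0 up
    /sbin/ifconfig bridge0 up
fi

# Add the tap device to the bridge and bring it up.
/sbin/ifconfig bridge0 addm "$1"
/sbin/ifconfig "$1" up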

/usr/local/etc/openvpn/openvpn_officelan.down.sh:

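#!/bin/sh
# OpenVPN passes the tap device name as the first argument ($1).

# Remove the tap device from the bridge when the tunnel goes down.
/sbin/ifconfig bridge0 deletem "$1"

Make both scripts executable:

# chmod a+x *.sh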

Client

/usr/local/etc/openvpn/openvpn_officelan.conf:

remote vpn.example.com 1194 # replace with your server address
dev tap0 # use unique tapN for every config
up openvpn_officelan.up.sh
down openvpn_officelan.down.sh
secret openvpn_officelan.key
cipher AES-256-CBC
script-security 2 # needed to execute .sh scripts

Create the same openvpn_officelan.up.sh and openvpn_officelan.down.sh scripts. Don't forget to chmod a+x them.
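
An added check, not part of the original article: the file named by secret is a pre-shared key and the up/down scripts are executed by the daemon, so their file modes matter on both hosts. The sketch below reads the secret, up and down lines from a config like the ones above and flags a key that group or others can read, or a script that they can write to. The function names and the resolution of relative paths against the config's directory are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the article. Assumption: relative paths in the
# config are resolved against the directory that holds the config file.

# Print the nine permission characters of FILE, e.g. rwxr-xr-x
mode_of() { ls -ld "$1" | cut -c2-10; }

# Print one line per finding for CONF; return 0 only if there are none.
audit_conf() {
    conf=$1; dir=$(dirname "$conf"); findings=0
    while read -r directive path rest || [ -n "$directive" ]; do
        case $directive in
            secret|up|down) ;;
            *) continue ;;          # every other directive is ignored
        esac
        case $path in
            /*) file=$path ;;
            *)  file=$dir/$path ;;
        esac
        if [ ! -f "$file" ]; then
            echo "MISSING $directive $file"
            findings=$((findings + 1)); continue
        fi
        mode=$(mode_of "$file")
        case $directive:$mode in
            secret:???------) ;;    # key accessible to its owner only
            secret:*)
                echo "KEY-EXPOSED $file ($mode)"
                findings=$((findings + 1)) ;;
            *:????w????|*:???????w?)  # group- or world-writable script
                echo "SCRIPT-WRITABLE $file ($mode)"
                findings=$((findings + 1)) ;;
        esac
    done < "$conf"
    [ "$findings" -eq 0 ]
}
```

Source the file and run audit_conf /usr/local/etc/openvpn/openvpn_officelan.conf on the server and on the client; a clean result prints nothing and returns 0.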

Run

Create an rc.d script and run the daemon as described on the last page.
