User`s manual
TC-6110 Linux User's Manual Managing Communications
3-31
2. On VPN server A (OpenVPN A), modify the remote address entry in the configuration file
/etc/openvpn/tun.conf by adding the address of OpenVPN B. Also, you must add an ifconfig entry
which indicates the local (1
st
) and remote (2
nd
) VPN gateway addresses, separated by a space.
# point to the peer
remote 192.168.8.174
dev tun
secret /etc/openvpn/secrouter.key
cipher DES-EDE3-CBC
auth MD5
tun-mtu 1500
tun-mtu-extra 64
ping 40
ifconfig 192.168.2.173 192.168.4.174
up /etc/openvpn/tun.sh
3. Next, change OpenVPN A’s /etc/openvpn/tun.sh so that the routing table matches the local subnet
the VPN gateway is serving. Notice the gw $5 appended to the end of this line: the $5 is a variable
argument that OpenVPN passes to the startup script. Its value is the second argument of ifconfig in the
/etc/openvpn/tun.conf file.
#---------------------------Start----------------------------
#!/bin/sh
# value after “-net” is the subnet behind the remote peer
route add -net 192.168.2.0 netmask 255.255.255.0 gw $5
#----------------------------end-----------------------------
4. On VPN server B (OpenVPN B), change the remote address in configuration file
/etc/openvpn/tun.conf by adding the address of OpenVPN A. Also, you must add an ifconfig entry
which indicates the local (1
st
) and remote (2
nd
) VPN gateway addresses, each separated by a space.
# point to the peer
remote 192.168.8.173
dev tun
secret /etc/openvpn/secrouter.key
cipher DES-EDE3-CBC
auth MD5
tun-mtu 1500
tun-mtu-extra 64
ping 40