Generate the secret and copy it to all peers over a secure channel (anyone who holds this file can decrypt and forge the tunnel traffic):
openvpn --genkey --secret /etc/openvpn/keys/p2p-secret.key
target:
# Listening end of a static-key (pre-shared secret) point-to-point tunnel.
# Static-key mode has no TLS handshake and no per-session keys, so there is no
# forward secrecy: whoever obtains the key file can decrypt recorded traffic.
# NOTE(review): newer OpenVPN releases deprecate static-key mode; check the
# release notes for the version in use.
port 5500
proto udp
# Fixed tun device name for this tunnel.
dev tun200
# Local tunnel address first, then the peer's tunnel address.
# NOTE(review): the initiator block on this page uses 172.17.4.6 / 172.17.4.5,
# which is not the mirror image of this pair; confirm which addresses are intended.
ifconfig 172.17.4.1 172.17.4.2
# Pre-shared static key. The path is relative, so it depends on the directory
# OpenVPN runs from (presumably /etc/openvpn, where the key was generated; confirm).
# Keep the file readable only by the account that starts OpenVPN.
secret keys/p2p-secret.key
# LZO compression; must match the peer. Compressing before encryption can leak
# information about the plaintext through packet sizes, and current OpenVPN
# documentation advises against enabling compression.
comp-lzo
# Data-channel cipher; must match the peer. No `auth` directive is given, so the
# HMAC digest is whatever the installed version defaults to.
cipher AES-256-CBC
# Level 2 permits calling built-in executables and user-defined scripts. No
# script directive (up/down etc.) appears in this block, so confirm it is needed.
script-security 2
# NOTE(review): unlike the initiator block, no user/group is set here, so the
# daemon keeps the privileges it was started with.
status /var/log/openvpn-status.log
log /var/log/openvpn.log
initiator:
# Connecting end of the static-key point-to-point tunnel.
dev tun
proto udp
# Peer to connect to: host name and UDP port.
remote blog.it-training.pro 5500
# Local tunnel address first, then the peer's tunnel address. The pair must be
# the mirror image of the peer's ifconfig line.
# NOTE(review): the target block on this page uses 172.17.4.1 / 172.17.4.2,
# which does not mirror this pair; confirm which addresses are intended.
ifconfig 172.17.4.6 172.17.4.5
port 5500
# Do not bind a fixed local port; the source port is chosen dynamically.
nobind
# Drop root privileges after initialisation.
user openvpn
group openvpn
# Keep the key and the tun device across restarts, because after the privilege
# drop above the process may no longer be able to re-read or reopen them.
persist-key
persist-tun
# Same pre-shared static key as on the target. The path is relative, so it
# depends on the directory OpenVPN runs from (confirm). Keep the file readable
# only by the account that starts OpenVPN.
secret keys/p2p-secret.key
# Cipher and compression must match the target's settings.
cipher AES-256-CBC
# Compressing before encryption can leak information about the plaintext through
# packet sizes; current OpenVPN documentation advises against enabling it.
comp-lzo
# Log verbosity.
verb 3
VyOS initiator:
set interfaces openvpn vtun9
set interfaces openvpn vtun9 local-address 172.17.4.6
set interfaces openvpn vtun9 remote-address 172.17.4.5
set interfaces openvpn vtun9 remote-host blog.it-training.pro
set interfaces openvpn vtun9 encryption aes256
set interfaces openvpn vtun9 openvpn-option 'comp-lzo'
set interfaces openvpn vtun9 local-port 5500
set interfaces openvpn vtun9 remote-port 5500
set interfaces openvpn vtun9 mode site-to-site
# manually upload the secret file to /config/auth (the path referenced below), over a secure channel, and restrict its permissions
set interfaces openvpn vtun9 shared-secret-key-file /config/auth/p2p-secret.key
commit;save