openvpn p2p

vladimir simeonov
12/02/2017

generate the secret and copy it to all peers:

openvpn --genkey --secret /etc/openvpn/keys/p2p-secret.key

target:

port 5500
proto udp
dev tun200
ifconfig 172.17.4.1 172.17.4.2
secret keys/p2p-secret.key
comp-lzo

cipher AES-256-CBC
script-security 2

status /var/log/openvpn-status.log

log /var/log/openvpn.log

initiator:

dev tun
proto udp

remote blog.it-training.pro 5500
ifconfig 172.17.4.6 172.17.4.5
port 5500
nobind

user openvpn
group openvpn

persist-key
persist-tun

secret keys/p2p-secret.key
cipher AES-256-CBC

comp-lzo

verb 3

VyOS initiator:

set interfaces openvpn vtun9
set interfaces openvpn vtun9 local-address 172.17.4.6
set interfaces openvpn vtun9 remote-address 172.17.4.5
set interfaces openvpn vtun9 remote-host blog.it-training.pro
set interfaces openvpn vtun9 encryption aes256
set interfaces openvpn vtun9 openvpn-option 'comp-lzo'
set interfaces openvpn vtun9 local-port 5500
set interfaces openvpn vtun9 remote-port 5500
set interfaces openvpn vtun9 mode site-to-site

# manually upload the secret file to the /config/auth location
set interfaces openvpn vtun9 shared-secret-key-file /config/auth/p2p-secret.key
commit;save
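
A pre-flight check for a target/initiator pair like the one above, as an added example that is not part of the original post: it verifies that the two ends have mirrored ifconfig addresses and matching cipher, proto and comp-lzo settings, and that the shared key file has no group/other permission bits. The function names and sample files are constructed for illustration; the sample addresses reuse the ones shown above.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and sample
# files are constructed for illustration.

# Print argument N of the first occurrence of a directive in a config file.
arg() {  # arg <file> <directive> <n>
    awk -v d="$2" -v n="$3" '$1 == d { print $(n + 1); exit }' "$1"
}

# Return 0 when both peer configs agree; print each mismatch otherwise.
check_p2p_pair() {  # check_p2p_pair <conf_a> <conf_b>
    rc=0
    # In p2p tun mode each side's local address must be the other's remote.
    if [ "$(arg "$1" ifconfig 1)" != "$(arg "$2" ifconfig 2)" ] ||
       [ "$(arg "$1" ifconfig 2)" != "$(arg "$2" ifconfig 1)" ]; then
        echo "ifconfig is not mirrored between $1 and $2"; rc=1
    fi
    # cipher, proto and comp-lzo must be set the same way on both ends.
    for opt in cipher proto comp-lzo; do
        if [ "$(grep -c "^$opt" "$1")" != "$(grep -c "^$opt" "$2")" ] ||
           [ "$(arg "$1" "$opt" 1)" != "$(arg "$2" "$opt" 1)" ]; then
            echo "$opt differs between $1 and $2"; rc=1
        fi
    done
    return "$rc"
}

# Return 0 only when the shared key has no group/other permission bits.
key_is_private() {  # key_is_private <keyfile>
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Write constructed sample configs and an empty stand-in key into a directory.
write_samples() {  # write_samples <dir>
    printf 'proto udp\nifconfig 172.17.4.1 172.17.4.2\ncipher AES-256-CBC\ncomp-lzo\n' > "$1/target.conf"
    printf 'proto udp\nifconfig 172.17.4.2 172.17.4.1\ncipher AES-256-CBC\ncomp-lzo\n' > "$1/peer-ok.conf"
    printf 'proto udp\nifconfig 172.17.4.6 172.17.4.5\ncipher AES-256-CBC\n' > "$1/peer-bad.conf"
    : > "$1/p2p-secret.key"; chmod 644 "$1/p2p-secret.key"
}

# Dry run on the constructed samples.
tmp=$(mktemp -d) && write_samples "$tmp"
check_p2p_pair "$tmp/target.conf" "$tmp/peer-ok.conf" && echo "pair ok"
check_p2p_pair "$tmp/target.conf" "$tmp/peer-bad.conf" || echo "pair rejected"
key_is_private "$tmp/p2p-secret.key" || echo "key is group/other accessible: chmod 600"
rm -rf "$tmp"
```

Against real files, pass the target and initiator configs to check_p2p_pair and the deployed key path to key_is_private before starting the tunnel.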