--- /dev/null
+# OpenVPN Layer 2 Server\r
+\r
+## Installing OpenVPN packages\r
+\r
+TODO\r
+\r
+## Interface Setup\r
+\r
+TODO\r
+\r
+## Certificate and Key Setup Instructions\r
+\r
+TODO\r
+\r
+## Server configuration\r
+\r
+For server bridge option: First two parameters are the ip/netmask of\r
+the gateway on the bridged subnet. Next two paraters indicate the\r
+pool-start-IP and pool-end-IP, which is the part of your IP address\r
+pool that you have reserved just for VPN clients. You have to make\r
+sure the DHCP server on the company network is not handing those out\r
+to on-site systems.\r
+\r
+/etc/config/openvpn\r
+```\r
+config openvpn 'myvpn'\r
+ option enabled '1'\r
+ option dev 'tap0'\r
+ option port '1194'\r
+ option proto 'udp'\r
+ option status '/var/log/openvpn_status.log'\r
+ option log '/tmp/openvpn.log'\r
+ option verb '3'\r
+ option mute '5'\r
+ option keepalive '10 120'\r
+ option persist_key '1'\r
+ option persist_tun '1'\r
+ option user 'nobody'\r
+ option group 'nogroup'\r
+ option ca '/etc/easy-rsa/keys/ca.crt'\r
+ option cert '/etc/easy-rsa/keys/myvpn.crt'\r
+ option key '/etc/easy-rsa/keys/myvpn.key'\r
+ option dh '/etc/easy-rsa/keys/dh2048.pem'\r
+ option tls_server '1'\r
+ option tls_auth '/etc/easy-rsa/keys/ta.key 0'\r
+ option server_bridge '10.0.0.1 255.255.255.0 10.0.0.201 10.0.0.220'\r
+ option topology 'subnet'\r
+ option client_to_client '1'\r
+ list push 'persist-key'\r
+ list push 'persist-tun'\r
+ list push 'redirect-gateway def1'\r
+ # allow your clients to access to your network\r
+ list push 'route 10.0.0.0 255.255.255.0'\r
+ # push DNS to your clients\r
+ list push 'dhcp-option DNS 10.0.0.1'\r
+ # option comp_lzo 'no'\r
+```\r
+\r
+## Client setup information\r
+\r
+TODO\r
projects / librecmc / librecmc.git / commitdiff