server.conf

 # ipkg install bridge-utils

 # echo 1 > /proc/sys/net/ipv4/ip_forward

 # echo 1 > /proc/sys/net/ipv4/ip_forward

(:table border=0 width=100% bgcolor=#eeffee:) Bridge-Startup Script "/etc/openvpn/bridge-scripts/bridge-start" (:cell:)

 
#!/bin/sh

#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################

# Define Bridge Interface
br="br0"

# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"

# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.1.77"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.1.255"
eth_default_gateway="192.168.1.99"

for t in $tap; do
    openvpn --mktun --dev $t
done

brctl addbr $br
brctl addif $br $eth

for t in $tap; do
    brctl addif $br $t
done

for t in $tap; do
    ifconfig $t 0.0.0.0 promisc up
done

ifconfig $eth 0.0.0.0 promisc up

ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
route add default gw $eth_default_gateway

(:tableend:)

(:table border=0 width=100% bgcolor=#eeffee:) VPN Startup Script "/etc/openvpn/startup" (:cell:)

 
#!/bin/sh

if [ -n "`pidof openvpn`" ]; then
  /bin/killall openvpn 2>/dev/null
fi

# load TUN/TAP kernel module
/sbin/modprobe tun
/sbin/modprobe bridge

# enable IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

# Startup VPN tunnel in daemon mode
/etc/openvpn/bridge-scripts/./bridge-start
/etc/init.d/openvpn start

(:tableend:)

cert "C:\\Program Files\\OpenVPN?\\config\\client1.crt" key "C:\\Program Files\\OpenVPN?\\config\\client1.key"

port 1194

dev tap0 ca /etc/openvpn/easy-rsa/keys/server/ca.crt cert /etc/openvpn/easy-rsa/keys/server/server.crt key /etc/openvpn/easy-rsa/keys/server/server.key dh /etc/openvpn/easy-rsa/keys/server/dh1024.pem ifconfig-pool-persist /etc/openvpn/ipp.txt server-bridge 192.168.1.77 255.255.255.0 192.168.1.250 192.168.1.254 push "dhcp-option WINS 192.168.1.77" keepalive 10 120 comp-lzo user nobody group nobody

status openvpn-status.log

(:table border=0 width=100% bgcolor=#eeffee:) client.conf (*.ovpn) (:cell:)

 
client
dev tap
proto udp
remote YOUR-SERVER-NAME-HERE 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\JAH-NOTEBOOK.crt"
key "C:\\Program Files\\OpenVPN\\config\\JAH-NOTEBOOK.key"
comp-lzo
verb 3

(:tableend:)

 [=

 [=

client.conf (*.ovpn) (:cell:) [=

=]

(:table border=0 width=100% bgcolor=#eeffee:) Create Config Files (:table border=0 width=100% bgcolor=#eeffee:) (:cell:) server.conf port 1194 proto udp dev tap0 ca /etc/openvpn/easy-rsa/keys/server/ca.crt cert /etc/openvpn/easy-rsa/keys/server/server.crt key /etc/openvpn/easy-rsa/keys/server/server.key dh /etc/openvpn/easy-rsa/keys/server/dh1024.pem ifconfig-pool-persist /etc/openvpn/ipp.txt server-bridge 192.168.1.77 255.255.255.0 192.168.1.250 192.168.1.254 push "dhcp-option WINS 192.168.1.77" keepalive 10 120 comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log verb 3 (:tableend:) (:table border=0 width=100% bgcolor=#eeffee:) client dev tap proto udp remote YOUR-SERVER-NAME-HERE 1194 resolv-retry infinite nobind persist-key persist-tun ca "C:\\Program Files\\OpenVPN?\\config\\ca.crt" cert "C:\\Program Files\\OpenVPN?\\config\\JAH-NOTEBOOK.crt" key "C:\\Program Files\\OpenVPN?\\config\\JAH-NOTEBOOK.key" comp-lzo verb 3 (:tableend:) (:tableend:)

 **Note** You will need at least two very strong keys and one more for when you want to connect to the VPN. I recommend using https://www.grc.com/passwords.htm to get some sick passwords.

We will be setting up OpenVPN in Tap Mode which will allow us to establish a virtual Ethernet connection. This comes in very hand when you have windows/samba shares to get to and if you also want to get to other boxes on the network.

 **Note** You will need at least two very strong keys and one more for when you want to connect to the VPN. I recommend using https://www.grc.com/passwords.htm

(:table border=0 width=100% bgcolor=#eeffee:)

(:tableend:)

(:table border=0 width=100% bgcolor=#eeffee:)

(:table border=0 width=100% bgcolor=#eeffee:)

(:table border=0 width=100% bgcolor=#eeffee:)

(:table border=0 width=100% bgcolor=#eeffee:)

(:table border=0 width=100% bgcolor=#eeffee:)

(:table border=0 width=100% bgcolor=#eeffee:)

(:tableend:)

We will be setting up OpenVPN in Tap Mode which will allow us to establish

We will be setting up OpenVPN in Tap Mode which will allow us to establish<br>

We will be setting up OpenVPN in Tap Mode which will allow us to establish a virtual Ethernet connection. This comes in very hand when you have windows/samba shares to get to and if you also want to get to other boxes on the network.

 **Note** You will need at least two very strong keys and one more for when you want to

connect to the VPN. I recommend using https://www.grc.com/passwords.htm

Download Generation Tools

 **Note** Find Latest Version http://openvpn.net/index.php/downloads.html

=] (:tableend:)

Create Keys

 **Note** You will need at least two very strong keys and one more for when you want to connect to the VPN. I recommend using https://www.grc.com/passwords.htm

(:table border=0 width=100% bgcolor=#eeffee:) (:cell:)

 [=

 **NOTE** Find Latest Version http://openvpn.net/index.php/downloads.html

• Note** You may need to copy the bridge module to the correct folder
• NOTE** Find Latest Version http://openvpn.net/index.php/downloads.html

• Note** Find Latest Version http://openvpn.net/index.php/downloads.html

(:tableend:)

 # cd ~
 # wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
 # mkdir OpenVPN?_sandbox
 # tar -zxvf openvpn-2.0.9.tar.gz -C OpenVPN?_sandbox
 # cd OpenVPN?_sandbox/openvpn-2.0.9/easy-rsa/2.0
 # . ./vars
 # . ./clean-all
 # . ./build-ca
 # . ./build-key-server server
 # . ./build-key-pass client1
 # . ./build-dh
 # cd keys
 # mkdir server
 # mkdir clients
 # cp ca.crt server
 # cp ca.crt clients
 # cp ca.key server
 # cp dh1024.pem server
 # cp server.crt server
 # cp server.key server
 # cp client1.crt clients
 # cp client1.key clients

• Note** Find Latest Version http://openvpn.net/index.php/downloads.html

(:tableend:)

Download Generation Software

I) Download Generation Software (:table border=0 width=100% bgcolor=#eeffee:)

 # wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
 # mkdir OpenVPN?_sandbox
 # tar -zxvf openvpn-2.0.9.tar.gz -C OpenVPN?_sandbox
 # cd OpenVPN?_sandbox/openvpn-2.0.9/easy-rsa/2.0
 # . ./vars
 # . ./clean-all
 # . ./build-ca
 # . ./build-key-server server
 # . ./build-key-pass client1
 # . ./build-dh
 # cd keys
 # mkdir server
 # mkdir clients
 # cp ca.crt server
 # cp ca.crt clients
 # cp ca.key server
 # cp dh1024.pem server
 # cp server.crt server
 # cp server.key server
 # cp client1.crt clients
 # cp client1.key clients

• Note** Find Latest Version http://openvpn.net/index.php/downloads.html

Install OpenVPN and Friends

 # wget http://openvpn.net/release/openvpn-2.0.9.tar.gz    *Find Latest Version http://openvpn.net/index.php/downloads.html

(:tableend:)

Install OpenVPN? and Friends (:table border=0 width=100% bgcolor=#eeffee:) (:cell:)

 
 # ipkg install openssl
 # ipkg install liblzo1
 # ipkg install openvpn

(:tableend:)

Generating Certificates

  1) Download Generation Software
  (:table border=0 width=100% bgcolor=#eeffee:)

(:cell:)

 
 # cd ~
 # wget http://openvpn.net/release/openvpn-2.0.9.tar.gz * Find Latest Version [http://openvpn.net/index.php/downloads.html]

(:tableend:)

1. !/bin/sh

OPENVPN_DIR="/etc/openvpn"

cd $OPENVPN_DIR/easy-rsa/2.0 echo "Setting up vars"

1. . ./vars

echo "Cleaning"

1. . ./clean-all

echo "Building CA"

1. . ./build-ca

echo "Building Server Cert"

1. . ./build-key-server server

echo "Building Client Cert"

1. . ./build-key-pass JAH-NOTEBOOK

echo "Building Diffie Hellman"

1. . ./build-dh

echo "Copying Files"

cd keys mkdir server mkdir clients cp ca.crt server cp ca.crt clients cp ca.key server cp dh1024.pem server cp server.crt server cp server.key server cp JAH-NOTEBOOK.crt clients cp JAH-NOTEBOOK.key clients

Load Kernel Modules (:table border=0 width=100% bgcolor=#eeffee:) (:cell:)

 
 # update-modules
 # modprobe bridge
 # modprobe tun

(:tableend:)

 **Note** You may need to copy the bridge module to the correct folder

(:table border=0 width=100% bgcolor=#eeffee:) (:cell:)

 
 # cp /lib/modules/2.6.21.7/kernel/net/bridge/bridge.ko /lib/modules/2.6.21.7/kernel/drivers/net/
 # update-modules
 # modprobe bridge

(:tableend:)

Install Kernel Modules (:table border=0 width=100% bgcolor=#eeffee:) (:cell:)

 
 # ipkg install kernel-module-bridge
 # ipkg install kernel-module-tun

(:tableend:)

We will be setting up OpenVPN in Tap Mode which will allow us to establish a virtual Ethernet connection. This comes in very hand when you have windows/samba shares to get to and if you also want to get to other boxes on the network.

OpenVPN Tap Mode

Preface: This was done using 4.8 Beta SlugOS/BE, Kernel 2.6.21.7

We will be setting up OpenVPN? in Tap Mode which will allow us to establish a virtual Ethernet connection. This comes in very hand when you have windows/samba shares to get to and if you also want to get to other boxes on the network.

OpenVPN Tap Mode