Complete guide how to set up an OpenVPN Tap Bridge between two OpenWRT routers.
Copy + Paste Instructions listed below. Click Show More in description.
opkg update
opkg install luci-app-openvpn openvpn-easy-rsa openvpn-openssl nano tcpdump openvpn
easyrsa init-pki
easyrsa build-ca nopass
easyrsa build-server-full Server_SiteA nopass
easyrsa build-client-full Client_SiteA_SiteB nopass
easyrsa gen-dh
OpenVPN Server Config
config openvpn 'VPN_Tap_Server'
list push 'dhcp-option DNS 192.168.2.1'
option cipher 'AES-256-GCM'
option client_to_client '1'
option comp_lzo 'no'
option dev 'tap_vpn'
option keepalive '10 60'
option mssfix '1420'
option persist_key '1'
option persist_tun '1'
option port '7500'
option proto 'udp'
option remote_cert_tls 'client'
option reneg_sec '0'
option server_bridge '192.168.50.1 255.255.255.0 192.168.50.35 192.168.50.45'
option verb '5'
option enabled '1'
option ca '/etc/openvpn/ca_taptest.crt'
option dh '/etc/openvpn/dh_taptest.pem'
option cert '/etc/openvpn/taptest_Server.crt'
option key '/etc/openvpn/taptest_Server.key'
OpenVPN Client Config
config openvpn 'VPN_Tap_Client'
option auth_nocache '1'
option cipher 'AES-256-GCM'
option client '1'
option comp_lzo 'no'
option connect_retry '5 60'
option dev 'tap_vpn'
option float '1'
option nobind '1'
option persist_key '1'
option persist_tun '1'
option port '7500'
option proto 'udp'
option remote_cert_tls 'server'
option reneg_sec '0'
option verb '5'
option enabled '1'
list remote 'server.dyndns.org'
option ca '/etc/openvpn/ca_taptest.crt'
option cert '/etc/openvpn/taptest_Client.crt'
option key '/etc/openvpn/taptest_Client.key'
Problems?
* Restart both routers and clients.
* Test temporarily disabling Windows Firewall to ensure this is not blocking ping.
* Ensure OpenVPN config has the correct remote server address / IP.
Ещё видео!