665
edits
Changes
Jump to navigation
Jump to search
mLine 30:
Line 30: − + Line 41:
Line 41: − + − You will configure SME1 as a OpenVPN client and SME2 as an OpenVPN server+ − + − + + + + + + + + + + +
→Configuration
Once conected, OpenVPN makes no difference between client and server, we just need to define which endpoint will bind on a local port waiting for a connection of the remote endpoint.
Once conected, OpenVPN makes no difference between client and server, we just need to define which endpoint will bind on a local port waiting for a connection of the remote endpoint.
Lets take a simple example. You manage two SME servers
Lets take a simple example. We manage two SME servers
* SME1
* SME1
** Local network: 192.168.9.0/24 (192.168.9.1 being the address of the internal interface of SME1)
** Local network: 192.168.9.0/24 (192.168.9.1 being the address of the internal interface of SME1)
[[File:Ovpn_s2s_rzo_avant_vpn.png|768px|thumb|center|Before the VPN inter-connection]]
[[File:Ovpn_s2s_rzo_avant_vpn.png|768px|thumb|center|Before the VPN inter-connection]]
Now, you want to connect both servers, so that the two private networks can see each other.
Now, we want to connect both servers, so that the two private networks can see each other.
We will configure SME1 as a OpenVPN client and SME2 as an OpenVPN server. We'll use the shared secret method as it's easier to configure.
So, in SME1 server-manager, you'll have to add a new client (in OpenVPN Site to Site panel) and configure it like this:
So, in SME1 server-manager, we'll have to add a new client (in OpenVPN Site to Site panel) and configure it like this:
[[File:Ovpn_s2s_add_client.png|768px|thumb|center|Configure a new client daemon]]
[[File:Ovpn_s2s_add_client.png|768px|thumb|center|Configure a new client daemon]]
Now, on SME2, add a new server, and configure it like this:
Then, click on the next button, we'll have a page to configure the shared secret key. We can generate such keys using openvpn command (on your SME Server, or on another linux box. I'm not sure if we can do the same under Windows). To create a new key, type the following command on your shell:
openvpn --genkey --secret /dev/stdout
And copy the output in the page of the server-manager, like this:
[[File:Ovpn_s2s_shared_secret.png|768px|thumb|center|Enter the secret key]]
Now, on SME2, we add a new server, and configure it like this:
[[File:Ovpn_s2s_add_server.png|768px|thumb|center|Configure a new server daemon]]
[[File:Ovpn_s2s_add_server.png|768px|thumb|center|Configure a new server daemon]]
On the next page, we have to enter the same key we've used on SME1
=== Features ===
=== Features ===