Created
March 8, 2014 04:11
-
-
Save justinzane/9425216 to your computer and use it in GitHub Desktop.
OpenWRT+OpenVPN Configs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
~ # cat /etc/config/network | |
config globals 'globals' | |
option ula_prefix 'fd05:960e:9254::/48' | |
config switch | |
option name 'switch0' | |
option reset '1' | |
option enable_vlan '1' | |
config switch_vlan | |
option device 'switch0' | |
option vlan '1' | |
option ports '0t 2 3 4 5' | |
option mtu '7000' | |
config switch_vlan | |
option device 'switch0' | |
option vlan '2' | |
option ports '0t 1' | |
config interface 'loopback' | |
option ifname 'lo' | |
option proto 'static' | |
option ipaddr '127.0.0.1' | |
option netmask '255.0.0.0' | |
config interface 'lan' | |
option ifname 'eth0.1' | |
option type 'bridge' | |
option _orig_ifname 'eth0.1 radio0.network1 radio1.network1' | |
option _orig_bridge 'true' | |
option proto 'static' | |
option ipaddr '192.168.0.2' | |
option netmask '255.255.255.0' | |
config interface 'wan' | |
option ifname 'eth0.2' | |
option proto 'dhcp' | |
option hostname 'router2' | |
config interface 'wan6' | |
option ifname '@wan' | |
option proto 'dhcpv6' | |
config interface 'tap0_openvpn' | |
option proto 'none' | |
option ifname 'tap0' | |
config interface 'br0_openvpn' | |
option type 'bridge' | |
option proto 'static' | |
option ifname 'tap0' | |
option ipaddr '192.168.3.102' | |
option netmask '255.255.255.0' | |
option gateway '192.168.3.2' | |
option broadcast '192.168.3.255' | |
option dns '192.168.3.2' | |
option macaddr 'ff:ff:ff:00:00:02' | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
~ # cat /etc/config/openvpn | |
package openvpn | |
################################################# | |
# justinzane jz-rs-01 # | |
################################################# | |
config openvpn justinzane-client | |
# Basic Setup ----------------------------------- | |
option enabled 1 | |
option daemon | |
option port 1194 | |
option proto udp | |
option remote jz-rs-01.justinzane.com | |
option resolv-retry infinite | |
option keepalive 10 120 | |
option comp-lzo adaptive | |
# Network Setup --------------------------------- | |
option device 'tap0' | |
option persist-tun | |
option persist-remote-ip | |
# Security -------------------------------------- | |
option ns-cert-type server | |
option tls-client | |
option tls-auth /etc/openvpn/justinzane-keys/ta.key 1 | |
option ca /etc/openvpn/justinzane_keys/ca.crt | |
option cert /etc/openvpn/justinzane_keys/router2.crt | |
option key /etc/openvpn/justinzane_keys/router2.key | |
option cipher AES-256-CBC | |
option auth SHA1 | |
option persist-key | |
# Performance ----------------------------------- | |
option passtos | |
# Logging --------------------------------------- | |
option writepid /var/run/openvpn.pid | |
option log /var/log/openvpn.log | |
option status /var/log/openvpn.status 10 | |
option verb 3 | |
option mute-replay-warnings |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment