Technical data

ManualsBrandsSamsung ManualsFlat Panel TVPC680-ZA

181

182

183

184

185

186

187

188

189

190

4. Packages

OPENVPN_DEFAULT_TUN_MTU='1500'

OPENVPN_DEFAULT_MSSFIX='1300'

OPENVPN_DEFAULT_FRAGMENT='1300'

For ﬂi4l versions prior to 2.1.9 „tun-mtu“ parameters can’t be speciﬁed directly. But they

can be inﬂuenced indirectly with OPENVPN_x_LINK_MTU. tun-mtu values are about 45 byte smaller

than the values in OPENVPN_x_LINK_MTU. To get exact values only trying will help.

4.14.8. OpenVPN - Examples

Some examples will clarify the conﬁguration of package OpenVPN.

Example - Joining Two Nets Using ﬂi4l Routers

In the ﬁrst example two ﬂi4l routers will be connected. Nets behind each ﬂi4l router should

gain access to each other. Peter and Maria want to connect their nets over their ﬂi4l routers.

Peter uses a private net 192.168.145.0/24 and a DynDNS address ’peter.eisfair.net’. Marias

setup is similar while she is using 10.23.17.0/24 and DynDNS address ’maria.eisfair.net’. Both

trust in each other so they allow unlimited access to their complete nets for each other.

OpenVPN Option Peter Maria

OPENVPN_1_NAME= ’maria’ ’peter’

OPENVPN_1_REMOTE_HOST= ’maria.eisfair.net’ ’peter.eisfair.net’

OPENVPN_1_REMOTE_PORT= ’10000’ ’10001’

OPENVPN_1_LOCAL_PORT= ’10001’ ’10000’

OPENVPN_1_SECRET= ’pema.secret’ ’pema.secret’

OPENVPN_1_TYPE= ’tunnel’ ’tunnel’

OPENVPN_1_REMOTE_VPN_IP= ’192.168.200.202’ ’192.168.200.193’

OPENVPN_1_LOCAL_VPN_IP= ’192.168.200.193’ ’192.168.200.202’

OPENVPN_1_ROUTE_N= ’1’ ’1’

OPENVPN_1_ROUTE_1= ’10.23.17.0/24’ ’192.168.145.0/24’

OPENVPN_1_PF_INPUT_N= ’1’ ’1’

OPENVPN_1_PF_INPUT_1= ’ACCEPT’ ’ACCEPT’

OPENVPN_1_PF_FORWARD_N= ’1’ ’1’

OPENVPN_1_PF_FORWARD_1= ’ACCEPT’ ’ACCEPT’

Table 4.12.: OpenVPN Conﬁguration with 2 ﬂi4l routers

Example - Two Nets Connected By A Bridge

In the next example a bridge over a wi-ﬁ connection will be conﬁgured. Packet ﬁlters are

not of use here because usually ethernet frames will be forwarded but no IP packets. Please

remember that with a bridge a common net is used. Thus no IP address can exist twice.

In addition to the settings for OpenVPN a bridge has to be conﬁgured in ad-

vanced_networking and base.txt has to be adapted to use the bridge device and not eth0

as the network device for the internal net. See the relevant entries in advanced_networking’s

and base’s conﬁguration ﬁles:

Example - Conﬁgure Access For A Road Warrior

For this example (Roadwarrior) access to a LAN behind ﬂi4l should be conﬁgured for a note-

book with Windows XP over GPRS. OpenVPN is installed on the notebook and the *.ovpn ﬁle

181