Moxa RM-1050-T [40/52] Setup 1 ethernet bridging for private networks on different subnets

ioPAC RTU Software RTU Communications

4-15

Setup 1: Ethernet Bridging for Private Networks on Different Subnets

1. Set up four machines, as shown in the following diagram.

Host A (B) represents one of the machines that belongs to OpenVPN A (B). The two remote subnets are

configured for a different range of IP addresses. When this setup is moved to a public network, the external

interfaces of the OpenVPN machines should be configured for static IPs, or connect to another device (such as

a firewall or DSL box) first.

# openvpn --genkey --secret secrouter.key

Copy the file that is generated to the OpenVPN machine.

2. Create link symbols to enable this script at boot time:

# ln -s /etc/openvpn/openvpn-bridge /etc/rc.d/rc3.d/S32vpn-br # for example

# ln -s /etc/openvpn/openvpn-bridge /etc/rc.d/rc6.d/K32vpn-br # for example

3. Create a configuration file named A-tap0-br.conf and an executable script file named A-tap0-br.sh on

OpenVPN A.

# point to the peer

remote 192.168.8.174

dev tap0

secret /etc/openvpn/secrouter.key

cipher DES-EDE3-CBC

auth MD5

tun-mtu 1500

tun-mtu-extra 64

ping 40

up /etc/openvpn/A-tap0-br.sh

#----------------------------------Start------------------------------

#!/bin/sh

# value after “-net” is the subnet behind the remote peer

route add -net 192.168.4.0 netmask 255.255.255.0 dev br0

#---------------------------------- end ------------------------------

Create a configuration file named B-tap0-br.conf and an executable script file named B-tap0-br.sh on

OpenVPN B.

# point to the peer

remote 192.168.8.173

dev tap0

secret /etc/openvpn/secrouter.key