Moxa Technologies UC-7420/7410 User Manual
Page 70
UC-7420/7410 User’s Manual
Managing Communication
4-18
Setup 1: Ethernet Bridging for Private Networks on Different Subnets
1. Set up four machines, as shown in the following diagram.
OpenVPN A
OpenVPN B
Host A
eth0: 192.168.2.171
Host B
eth0: 192.168.4.172
ixp0: 192.168.8.174
eth1: 192.168.2.173
local net
local net
InternetInternet
ixp1: 192.168.4.174
eth0: 192.168.8.173
Host A (B) represents one of the machines that belongs to OpenVPN A (B). The two remote
subnets are configured for a different range of IP addresses. When this setup is moved to a
public network, the external interfaces of the OpenVPN machines should be configured for
static IPs, or connect to another device (such as a firewall or DSL box) first.
2. Generate a preset shared key by typing the command:
# openvpn --genkey --secret secrouter.key
Copy the file that is generated to the OpenVPN machine.
3. Generate a script file named openvpn-bridge on each OpenVPN machine. This script
reconfigures interface “ixp1” as IP-less, creates logical bridge(s) and TAP interfaces, loads
modules, enables IP forwarding, etc.
#---------------------------------Start-----------------------------
#!/bin/sh
iface=ixp1 # defines the internal interface
maxtap=`expr 1` # defines the number of tap devices. I.e., # of tunnels
IPADDR=
NETMASK=
BROADCAST=
# it is not a great idea but this system doesn’t support
# /etc/sysconfig/network-scripts/ifcfg-ixp1
ifcfg_vpn()
{
while read f1 f2 f3 f4 r3
do
if [ “$f1” = “iface” -a “$f2” = “$iface” -a “$f3” = “inet” -a “$f4” = “static” ];then
i=`expr 0`
while :
do
if [ $i -gt 5 ]; then
break