beautypg.com

Moxa Technologies UC-7420/7410 User Manual

Page 70

background image

UC-7420/7410 User’s Manual

Managing Communication

4-18

Setup 1: Ethernet Bridging for Private Networks on Different Subnets

1. Set up four machines, as shown in the following diagram.

OpenVPN A

OpenVPN B

Host A

eth0: 192.168.2.171

Host B

eth0: 192.168.4.172

ixp0: 192.168.8.174

eth1: 192.168.2.173

local net

local net

InternetInternet

ixp1: 192.168.4.174

eth0: 192.168.8.173

Host A (B) represents one of the machines that belongs to OpenVPN A (B). The two remote
subnets are configured for a different range of IP addresses. When this setup is moved to a
public network, the external interfaces of the OpenVPN machines should be configured for
static IPs, or connect to another device (such as a firewall or DSL box) first.

2. Generate a preset shared key by typing the command:

# openvpn --genkey --secret secrouter.key

Copy the file that is generated to the OpenVPN machine.

3. Generate a script file named openvpn-bridge on each OpenVPN machine. This script

reconfigures interface “ixp1” as IP-less, creates logical bridge(s) and TAP interfaces, loads
modules, enables IP forwarding, etc.

#---------------------------------Start-----------------------------

#!/bin/sh

iface=ixp1 # defines the internal interface
maxtap=`expr 1` # defines the number of tap devices. I.e., # of tunnels

IPADDR=
NETMASK=
BROADCAST=

# it is not a great idea but this system doesn’t support
# /etc/sysconfig/network-scripts/ifcfg-ixp1
ifcfg_vpn()
{
while read f1 f2 f3 f4 r3
do
if [ “$f1” = “iface” -a “$f2” = “$iface” -a “$f3” = “inet” -a “$f4” = “static” ];then
i=`expr 0`
while :
do
if [ $i -gt 5 ]; then

break