Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

OpenVPN access server

Another OpenVPN scenario involves connecting to OpenVPN Access Server and using the configuration information it provides to establish an OpenVPN tunnel to an OpenVPN server. The configuration for this scenario is very simple because the OpenVPN Access Server provides all the necessary VPN configuration information to the connecting host (the vRouter in this case). The following figure shows a configuration that uses OpenVPN Access Server.

Figure 1. Using OpenVPN access server to establish an OpenVPN tunnel

To configure V2 to establish an OpenVPN tunnel to an OpenVPN server using an OpenVPN Access Server as shown in the previous figure, perform the following steps in configuration mode.

Table 1. V2: Client-Side connection to OpenVPN access server (Autologin enabled)
Step Command

Create the vtun0 configuration node.

vyatta@V2# set interfaces openvpn vtun0

Specify the OpenVPN Access Server IP address.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration server 12.34.56.78

Specify the username to be authenticated by OpenVPN Access Server.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration username abcd

Specify the password to be authenticated by OpenVPN Access Server.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration password efgh

Commit the change.

vyatta@V2# commit

Show the configuration.

vyatta@V2# show interfaces openvpn vtun0
 remote-configuration {
    password efgh
    server 12.34.56.78
    username abcd
 }

This example is valid for a scenario in which Autologin is enabled on the OpenVPN server for tunnel establishment. If Autologin is disabled, the following commands must be used to establish the tunnel:

  • interfaces openvpnvtunx remote-configuration tunnel-username username
  • interfaces openvpnvtunx remote-configuration tunnel-password password

To configure V2 to establish an OpenVPN tunnel to an OpenVPN server (with Autologin disabled) using OpenVPN Access Server as shown in the previous figure, perform the following steps in configuration mode.

Table 2. V2: client-side connection to OpenVPN access server (Autologin disabled)
Step Command

Create the vtun0 configuration node.

vyatta@V2# set interfaces openvpn vtun0

Specify the OpenVPN Access Server IP address.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration server 12.34.56.78

Specify the username to be authenticated by OpenVPN Access Server.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration username abcd

Specify the password to be authenticated by OpenVPN Access Server.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration password efgh

Specify the username required to establish the tunnel with the OpenVPN server.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration tunnel-username tun-un3

Specify the password required to establish the tunnel with the OpenVPN server.

vyatta@V2# set interfaces openvpn vtun0 remote-configuration tunnel-password tun-pwdxyz

Commit the change.

vyatta@V2# commit

Show the configuration.

vyatta@V2# show interfaces openvpn vtun0
 remote-configuration {
    password efgh
    server 12.34.56.78
    tunnel-password tun-un3
    tunnel-username tun-pwdxyz
    username abcd
 }