tag:blogger.com,1999:blog-7979378259821020425.post4808935604793140164..comments2024-01-31T05:01:09.874-08:00Comments on SaevolGo: Multi-Site OpenVPN Interconnect [Server-Client mode] + GRE tunnel over OpenVPNUnknownnoreply@blogger.comBlogger6125tag:blogger.com,1999:blog-7979378259821020425.post-68072750293860642032016-01-28T08:54:55.064-08:002016-01-28T08:54:55.064-08:00Main-Vyatta#set interfaces openvpn vtun0 mode site...Main-Vyatta#set interfaces openvpn vtun0 mode site-to-site<br />Vs.<br />vyatta@Main-Vyatta# set interfaces openvpn vtun0 mode server<br />vyatta@Main-Vyatta# set interfaces openvpn vtun0 server topology point-to-point<br /><br />I think it has something to do with the vpn architecture, how many sites to be connected and what I wanted to achieve. Honestly at that point of publishing I tried two different ways and both of them worked. <br />Now going through the OpenVPN book and all those articles which I consulted again I realize that these two differ in a way that one of them is useful for hub-and-spoke and the other one is useful for direct one-to-one link. <br /><br />There are other things coming to my mind on finding the facts behind these two, I must thank you for asking such an intriguing question. <br />Gohar Ahmedhttps://www.blogger.com/profile/00614288169644917715noreply@blogger.comtag:blogger.com,1999:blog-7979378259821020425.post-13817251872965854052016-01-28T07:54:30.640-08:002016-01-28T07:54:30.640-08:00set interfaces openvpn vtun0 server topology point...set interfaces openvpn vtun0 server topology point-to-point<br /><br />vs<br /><br />set interfaces openvpn vtun0 server topology site-to-site<br />Anonymoushttps://www.blogger.com/profile/02702588011913153378noreply@blogger.comtag:blogger.com,1999:blog-7979378259821020425.post-27606733075699162772016-01-27T13:47:13.474-08:002016-01-27T13:47:13.474-08:00Im not sure I understood this correctly...kindly e...Im not sure I understood this correctly...kindly explain..Also do forgive my memory it has been some years since I wrote that and Vyatta is now VyOS so this may not be accurate anymore.Gohar Ahmedhttps://www.blogger.com/profile/00614288169644917715noreply@blogger.comtag:blogger.com,1999:blog-7979378259821020425.post-64580974115280755822016-01-27T13:41:18.065-08:002016-01-27T13:41:18.065-08:00Is there a reason you switch from site to site con...Is there a reason you switch from site to site configuration in your previous post to point to point?Anonymoushttps://www.blogger.com/profile/02702588011913153378noreply@blogger.comtag:blogger.com,1999:blog-7979378259821020425.post-1918881834858693512013-12-24T21:30:48.835-08:002013-12-24T21:30:48.835-08:00Hi,
I hope its already taken care of and is done. ...Hi,<br />I hope its already taken care of and is done. Its nothing to worry about state. If you can Ping the GRE interfaces then that means the routing and everything is done perfect. <br />Vyatta takes some time to show it up, possibly a bug, m not sure why...but I've seen Vyatta saying "down" to interfaces in OpenVPN too which were pinging. Gohar Ahmedhttps://www.blogger.com/profile/00614288169644917715noreply@blogger.comtag:blogger.com,1999:blog-7979378259821020425.post-16350490058015274192013-12-14T07:20:15.781-08:002013-12-14T07:20:15.781-08:00I have question, about this readme. I setup 2 vyat...I have question, about this readme. I setup 2 vyatta routers 6.2 and 6.5 using openvpn site to site. Connection is established successfully. I can ping both site over local-ip. After create gre tunnel using local-ip of openvpn tunnel, but gre0 interface is down. I can ping using ip of gre tunnel.<br /> This is my config:<br />R1<br /><br /> openvpn vtun10 {<br /> local-address 10.20.1.2 {<br /> }<br /> local-port 5599<br /> mode site-to-site<br /> protocol udp<br /> remote-address 10.20.1.1<br /> remote-host <br /> remote-port 5599<br /> tls {<br /> ca-cert-file /config/auth/ca.crt<br /> cert-file /config/auth/vpn.crt<br /> key-file /config/auth/vpn.key<br /> role active<br /> }<br /> }<br /> tunnel tun10 {<br /> address 10.20.2.2/30<br /> encapsulation gre<br /> local-ip 10.20.1.2<br /> remote-ip 10.20.1.1<br /> }<br /><br /> <br />R2<br /><br /> openvpn vtun10 {<br /> local-address 10.20.1.1<br /> local-port 5599<br /> mode site-to-site<br /> protocol udp<br /> remote-address 10.20.1.2<br /> remote-host <br /> remote-port 5599<br /> tls {<br /> ca-cert-file /config/auth/ca.crt<br /> cert-file /config/auth/OpenVPN.crt<br /> dh-file /config/auth/dh1024.pem<br /> key-file /config/auth/OpenVPN.key<br /> role passive<br /> }<br /> }<br /> tunnel tun10 {<br /> address 10.20.2.1/30<br /> encapsulation gre<br /> local-ip 10.20.1.1<br /> remote-ip 10.20.1.2<br /> }Michałhttps://www.blogger.com/profile/00432786526117235657noreply@blogger.com