Client-server OpenVPN

Let's say we have a Vyatta router r1 with IP 74.125.77.104 serving DNS and DHCP for the network 10.12.0.0/16.

We want to provide VPN access to this network. First we must generate certificates and keys; this is described here: http://www.destinyforge.com/blogs/?p=38.

Then use the following configuration:

    openvpn vtun1 {
        local-port 9756
        mode server
        openvpn-option "--push dhcp-option DNS 10.12.0.1 --push route 10.12.0.0 255.255.0.0"
        protocol tcp-passive
        server {
            subnet 172.17.0.0/16
            topology subnet
        }
        tls {
            ca-cert-file /root/easy-rsa/2.0/keys/ca.crt
            cert-file /root/easy-rsa/2.0/keys/r1.crt
            dh-file /root/easy-rsa/2.0/keys/dh1024.pem
            key-file /root/easy-rsa/2.0/keys/r1.key
        }
    }

The tun device on the client side gets an IP in the subnet 172.17.0.0/16; here is a client config:

    client
    proto tcp
    dev tun
    remote 74.125.77.104 9756
    ca r1-ca.crt
    cert wires.crt
    key wires.key
    verb 4
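As an added example (not part of the original page), this Python check confirms that the server stanza and the client config above agree with each other and with the LAN 10.12.0.0/16: the client port and protocol match, the LAN route is pushed, the pushed DNS server is reachable through a pushed route, and the VPN pool does not overlap the LAN. The helper names `leaf` and `check` are illustrative, and the embedded configs are this page's, trimmed to the lines the check reads.

```python
import ipaddress
import re

# Configs copied from this page, trimmed to the lines the check reads.
SERVER = """
openvpn vtun1 {
    local-port 9756
    openvpn-option "--push dhcp-option DNS 10.12.0.1 --push route 10.12.0.0 255.255.0.0"
    protocol tcp-passive
    server {
        subnet 172.17.0.0/16
    }
}
"""
CLIENT = """
client
proto tcp
remote 74.125.77.104 9756
"""

def leaf(text, key):
    """Value of the first 'key value' line in the text, quotes stripped, or None."""
    m = re.search(r"^\s*" + re.escape(key) + r"\s+(.+?)\s*$", text, re.M)
    return m.group(1).strip('"') if m else None

def check(server, client, lan):
    """List the mismatches between server stanza, client config and the LAN."""
    problems = []
    lan = ipaddress.ip_network(lan)
    pool = ipaddress.ip_network(leaf(server, "subnet"))
    opts = leaf(server, "openvpn-option") or ""
    routes = [ipaddress.ip_network(f"{net}/{mask}")
              for net, mask in re.findall(r"--push route (\S+) (\S+)", opts)]
    if pool.overlaps(lan):
        problems.append("VPN pool overlaps the LAN")
    if lan not in routes:
        problems.append("LAN route is not pushed")
    for dns in re.findall(r"--push dhcp-option DNS (\S+)", opts):
        if not any(ipaddress.ip_address(dns) in r for r in routes):
            problems.append(f"pushed DNS {dns} is outside every pushed route")
    _host, port = leaf(client, "remote").split()
    if port != leaf(server, "local-port"):
        problems.append("client port differs from server local-port")
    if leaf(server, "protocol").split("-")[0] != leaf(client, "proto").split("-")[0]:
        problems.append("client proto differs from server protocol")
    return problems

if __name__ == "__main__":
    print(check(SERVER, CLIENT, "10.12.0.0/16") or "server and client agree")
```
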