<strong>/etc/openvpn/server.conf</strong>:
port 1194 proto udp dev tap0 ca ca.crt cert server1.crt key server1.key dh dh1024.pem server-bridge client-to-client keepalive 10 120 comp-lzo persist-key persist-tun verb 3
<strong>/etc/openvpn/client.conf</strong>:
client dev tap0 remote server1 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert web01.crt key web01.key ns-cert-type server comp-lzo verb 3
If you want to use openvpn to bridge a remote LAN to your local LAN via eth1 (which has no IP):
<strong>/etc/network/interfaces</strong>:
auto br0 iface br0 inet static pre-up /usr/sbin/openvpn --mktun --dev tap0 pre-up /usr/sbin/brctl addbr br0 address 10.1.1.9 netmask 255.255.255.0 post-up /sbin/ip link set tap0 up post-up /usr/sbin/brctl addif br0 tap0 post-up /sbin/ip link set eth1 up post-up /usr/sbin/brctl addif br0 eth1 post-down /sbin/ip link set br0 down post-down /usr/sbin/brctl delbr br0 post-down /sbin/ip link set eth1 down
If use use openvpn to access only the local machine the configuration is simpler and does not need bridge-utils:
auto tap0 iface tap0 inet static pre-up /usr/sbin/openvpn --mktun --dev tap0 address 10.1.1.10 netmask 255.255.255.0