- /
- /
- /
Set up OpenVPN at Site B
From the VPN menu choose OpenVPN. On the page under the Server tab, click the + button to create a new OpenVPN server.
Enter these values:
| Sever Mode | Peer to Peer (Shared Key) | |
| Protocol | UDP | |
| Device Mode | tun | |
| Interface | WAN | |
| Local Protocol | 9876 | 1194 is the default OpenVPN port. It doesn’t hurt to change it to another number to add some security through obscurity. Any unused port number may be used but we’ll stick to 9876 in this article. |
| Description | Site to Site | |
| Shared Key | Checked | |
| Encryption algorithm | AES-256-CBC (256-bit) | |
| Hardware Crypto | No Hardware Crypto Acceleration un- less it is needed for this hardware. | If in doubt, select ‘No Hardware Crypto Acceleration’. |
| IPv4 Tun- nel Net- work | 192.168.204.0/30 | Choose a subnet that’s not in use in any of the current LANs. This will be used internally by OpenVPN. We’re us- ing 192.168.204.0/30 here but any private range will do. The /30 mask is because OpenVPN will only use one IP address per site. We’re connecting two sites so two addresses will suffice. /24 will work but is overkill. |
| IPv6 Tun- nel Net- work | leave empty | |
| IPv4 Local Net- work/s | 192.168.20.0/24 | Site B’s subnet |
| IPv6 Local Net- work/s | leave empty | |
| IPv4 Re-mote Net- work/s | 192.168.10.0 | Site A’s subnet |
| IPv6 Re- mote | leave empty |
Click Save.
Note that our Site-to-site OpenVPN server is now shown in the Server overview. Click the edit button to the right of the server.
Note that in the Cryptographic Settings section, a Shared Key is now shown. Copy all text in the Shared Key text field, including the first lines beginning with # and the last line ending in —–.
