January 14, 2015

How to create an OpenVPN tunnel between multiple interfaces between two hosts (Ubuntu Linux)

I want to create an OpenVPN tunnel between two Ubuntu 12.10 hosts which have two interfaces, say:

Host1: eth0, eth1
Host2: eth0, eth1

A tunnel is wanted between:

Host1 (eth0) Host2 (eth0)
Host1 (eth1) Host2 (eth1)

Questions:

1) How can this be done? Do I need to create two bridges for each interface, with tap0 for br0 and eth0, and tap1 for br1 and eth1?
But in OpenVPN's server.conf, I can write dev tap, but how do I add multiple bridges (br0, br1) and two taps (tap0 and tap1) in the config file?

2) How do I do the routing and firewalling (iptables) for this setup?
3) Do clients need additional configuration? Do I need to create taps and bridges on the client too? If so, how can this be added to client.conf?
In any OpenVPN install guide I have read, it shows some commands to create keys, etc. for the server, then copy the clients to the client machine. Is it enough or do I need to execute additional commands on the client side? What important certificates do I need on the client side?
When I just ran openvpn commands in the shell, they didn't create tun or tap interfaces automatically. I used modprobe tun and sudo modprobe bridge. Next, the command openvpn --mktun --dev tap0 was executed in a separate script. Is this really needed, creating an interface before starting OpenVPN?
