Show pagesourceBack to top Share via Share via... Twitter LinkedIn Telegram Yammer RedditRecent ChangesSend via e-MailPrintPermalink × Table of Contents commands set up CA and generate certificates configure interface OpenVPN on Ubiquiti EdgeRouter commands restart OpenVPN reset openvpn interface set up CA and generate certificates easier with easy-rsa! https://blog.laslabs.com/2013/06/configure-openvpn-with-x-509-ubiquiti-edgerouter-lite/ sudo su cd /usr/lib/ssl/misc/ ./CA.sh -newca ./CA.sh -newreq ./CA.sh -sign cp demoCA/cacert.pem demoCA/private/cakey.pem /config/auth/ mv newcert.pem /config/auth/host.pem mv newkey.pem /config/auth/host.key openssl dhparam -out /config/auth/dhp.pem -2 1024 ./CA.sh -newreq ./CA.sh -sign mv newcert.pem client1.pem mv newkey.pem client1.key scp client1.* /config/auth/cacert.pem $CLIENT_USER@$CLIENT_IP:/etc/ssl/certs openssl rsa -in client1.key -out client1_nopass.key configure interface interfaces { openvpn vtun0 { mode server openvpn-option "--push route 192.168.69.0 255.255.255.0" openvpn-option "--push route 192.168.68.0 255.255.255.0" server { subnet 192.168.70.0/24 } tls { ca-cert-file /config/auth/cacert.pem cert-file /config/auth/host.pem dh-file /config/auth/dhp.pem key-file /config/auth/host.key } } } firewall name WAN_LOCAL rule 1 { action accept description OpenVPN destination { port 1194 } log disable protocol udp } Last modified: 2019-12-20 14:21