This will create a complete bridge and all network traffic (including UDP Broadcasts) will transfer over the VPN. If you do not want this, you will want a tunnel setup.
Produce OpenSSL certificate and keys and copy the key over to the other machine.
Client Config
client dev tap proto udp remote remote.host 1194
resolv-retry infinite nobind
persist-key persist-tun
ca cacert.pem cert openssl.crt key openssl.key cipher BF-CBC
comp-lzo
- To handle large UDP Packets
- and include OpenVPN overhead
- over DSL <-> DSL connections
fragment 1400 link-mtu 1400 mssfix 1300
log openvpn.log log-append openvpn.log verb 6 mute 20
Server Config
port 1194 proto udp dev tap
ca cacert.pem cert openssl.crt key openssl.key dh dh1024.pem
ifconfig-pool-persist ipp.txt
- Servers TAP interface IP and ip-range of connecting clients
server-bridge 192.168.0.1 255.255.255.0 192.168.1.2 192.168.1.5
client-to-client
keepalive 10 120 cipher BF-CBC # Blowfish (default) comp-lzo
- To handle large UDP Packets
- and include OpenVPN overhead
- over DSL <-> DSL connections
fragment 1400 link-mtu 1400 mssfix 1300
persist-key persist-tun
status openvpn-status.log log openvpn.log log-append openvpn.log verb 6 mute 20
Make sure ipforwarding is enabled, and setup a bridge device between your internal adaptor and the tap device. On the server site, give you tap device the ip address of the first IP in "server-bridge".
Start openvpn on each machine and now you should be able to ping any IP on either side of the VPN connection.
One page links to OpenVPNNotes: