Chapter 5: OpenVPN OpenVPN Commands 401

interfaces openvpn <vtunx> local‐host <ipv4>

Specifies the IP address of the local physical interface.

Syntax
set interfaces openvpn vtunx local-host ipv4
delete interfaces openvpn vtunx local-host
show interfaces openvpn vtunx local-host

Command Mode
Configuration mode.

Configuration Statement
interfaces {
openvpn vtunx {
local‐host ipv4
}
}

Parameters

vtunx The identifier for the OpenVPN interface. This may be vtun0 to
vtunx, where x is a non-negative integer.
ipv4 Optional. The IP address of the local physical interface. This is the
IP address on which connections are accepted. If not specified then
all connections are accepted.

Default
None.

Usage Guidelines
Use this command to configure the local IP address to which connections are accepted.
This can be used for a server endpoint in a client-server mode tunnel or the tcp-passive
endpoint when TCP is used in site-to-site mode. The value can be an IP address on any
of network interfaces on this endpoint. If this is set, the OpenVPN

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 402

process will only accept sessions coming in on the particular IP address, and this applies
to both UDP and TCP. If not set, OpenVPN accepts incoming sessions on any interface.

Use the set form of this command to specify the local IP address to which connections
are accepted.
Use the delete form of this command to remove the local IP address to which
connections are accepted.
Use the show form of this command to view the local IP address to which
connections are accepted.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 403

interfaces openvpn <vtunx> local‐port <port>

Specifies the port number to be used for OpenVPN traffic on the local tunnel
interface.

Syntax
set interfaces openvpn vtunx local-port port
delete interfaces openvpn vtunx local-port
show interfaces openvpn vtunx local-port

Command Mode
Configuration mode.

Configuration Statement
interfaces {
openvpn vtunx {
local‐port port
}
}

Parameters

vtunx The identifier for the OpenVPN interface. This may be vtun0 to
vtunx, where x is a non-negative integer.
port Optional. The port number on which incoming sessions are
accepted. The default is port 1194.

Default
The default is port 1194.

Usage Guidelines
Use this command to configure the local UDP or TCP port on which incoming sessions
are accepted. This can be used for a server endpoint in a client-server mode tunnel or the
tcp-passive endpoint when TCP is used in site-to-site mode.
Use the set form of this command to specify the local port to which incoming sessions
are accepted.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 404

Use the delete form of this command to remove the local port to which incoming
sessions are accepted.
Use the show form of this command to view the local port to which incoming
sessions are accepted.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 405

interfaces openvpn <vtunx> mode <mode>

Specifies the mode the OpenVPN interface will operate in.

Syntax
set interfaces openvpn vtunx mode mode
delete interfaces openvpn vtunx mode
show interfaces openvpn vtunx mode

Command Mode
Configuration mode.

Configuration Statement
interfaces {
openvpn vtunx {
mode mode
}
}

Parameters

vtunx The identifier for the OpenVPN interface. This may be vtun0 to
vtunx, where x is a non-negative integer.
mode Mandatory. The mode the OpenVPN interface will operate in.
Supported values are as follows:
client: The endpoint is the client in a client-server OpenVPN
tunnel.
server: The endpoint is the server in a client-server OpenVPN
tunnel.
site-to-site: The endpoint is one end of a site-to-site OpenVPN
tunnel.

Default
None.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 406

Usage Guidelines
Use this command to specify the mode the OpenVPN interface will operate in.
Use the set form of this command to specify the mode the OpenVPN interface will
operate in.
Use the delete form of this command to remove the mode the OpenVPN interface will
operate in.
Use the show form of this command to view the mode the OpenVPN interface will
operate in.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 407

interfaces openvpn <vtunx> openvpn‐option <options>

Specifies additional OpenVPN options.

Syntax
set interfaces openvpn vtunx openvpn-option options
delete interfaces openvpn vtunx openvpn-option show
interfaces openvpn vtunx openvpn-option

Command Mode
Configuration mode.

Configuration Statement
interfaces {
openvpn vtunx {
openvpn‐option options
}
}

Parameters

vtunx The identifier for the OpenVPN interface. This may be vtun0 to
vtunx, where x is a non-negative integer.
options Multi-node. The string of options to pass to the OpenVPN process.
You can define multiple openvpn option lists by creating multiple
openvpn-option configuration nodes. Each must have a unique
configuration.

Default
None.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 408

Usage Guidelines
Use this command to specify additional OpenVPN options that are not available within
Vyatta OpenVPN commands. As the OpenVPN process has over two hundred
commands only a base set is available through Vyatta commands. This command
provides access to all options available in OpenVPN. Further information regarding
OpenVPN can be found at http://openvpn.net/.
Use the set form of this command to specify additional OpenVPN options.
Use the delete form of this command to remove additional OpenVPN options.
Use the show form of this command to view additional OpenVPN options.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 409

interfaces openvpn <vtunx> protocol <protocol>

Specifies the OpenVPN communications protocol.

Syntax
set interfaces openvpn vtunx protocol protocol
delete interfaces openvpn vtunx protocol
show interfaces openvpn vtunx protocol

Command Mode
Configuration mode.

Configuration Statement
interfaces {
openvpn vtunx {
protocol protocol
}
}

Parameters

vtunx The identifier for the OpenVPN interface. This may be vtun0 to
vtunx, where x is a non-negative integer.
protocol The OpenVPN communications protocol. Supported values are as
follows:
tcp-active: TCP transport protocol - active role.
tcp-passive: TCP transport protocol - passive role.
udp: UDP transport protocol. This is the default.

Default
The default is udp.

Usage Guidelines
Use this command to specify the OpenVPN communications protocol.

VPN 6.5R1 v01 Vyatta

Chapter 5: OpenVPN OpenVPN Commands 410

Use the set form of this command to specify the OpenVPN communications
protocol.
Use the delete form of this command to remove the OpenVPN communications
protocol.
Use the show form of this command to view the OpenVPN communications
protocol.
VPN 6.5R1 v01
Vyatta