Add site-to-site support

Counterpart of turris/reforis/reforis-openvpn#20

It would be nice to have an option to automatically create OpenVPN interface and add that interface to LAN zone so that full site-to-site VPN can be established.

We assume that the server supports this option and pushes routes for their networks.

The client would either

masquerade all traffic passing through VPN interface behind VPN inteface address (adding the interface to WAN zone might be enough)
not masquerade traffic passing through VPN interface and expect the server to know the route back here (done using --client-config-dir and --iroute options)

It is possible to walk through the whole process manually right now - e.g. using LuCI.

Edited Oct 13, 2020 by Martin Prudek

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Add site-to-site support