My home host configuration is as follows.

home.up:

    #!/bin/sh
    route add -net 192.168.1.0/24 10.1.0.1

openvpn-startup.sh:

    #!/bin/sh
    /usr/local/sbin/openvpn --config /etc/openvpn/static-home.conf

static-home.conf:

    dev tun0
    remote 61.131.58.x
    ifconfig 10.1.0.2 10.1.0.1
    up ./home.up
    secret /etc/openvpn/static.key
    port 5000
    comp-lzo
    ping 15
    ping-restart 45
    ping-timer-rem
    persist-tun
    persist-key
    verb 3

Both the home and office hosts use the pf firewall. On each host, edit /etc/sysctl.conf and remove the # in front of these lines:

    net.inet.ip.forwarding=1
    net.inet6.ip6.forwarding=1

Edit /etc/rc.conf:

    pf=YES

My pf.conf on the office host is as follows:

    ext_if = "rl1"    # replace with actual external interface name, i.e., dc0
    int_if = "rl0"    # replace with actual internal interface name, i.e., dc1
    internal_net = "192.168.1.0/24"
    priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"

    set optimization aggressive
    scrub in all
    nat on $ext_if from $internal_net to any -> 61.131.58.x/32
    block all
    pass quick on lo0 all
    pass quick on tun0 all
    pass in on $int_if from any to any keep state
    pass out on $int_if from any to any keep state
    block drop in quick on $ext_if from $priv_nets to any
    block drop out quick on $ext_if from any to $priv_nets
    pass out on $ext_if proto tcp all modulate state flags S/SA
    pass out on $ext_if proto { udp, icmp } all keep state

My pf.conf on the home host is as follows:

    ext_if = "rl1"    # replace with actual external interface name, i.e., dc0
    int_if = "rl0"    # replace with actual internal interface name, i.e., dc1
    internal_net = "192.168.0.0/24"
    priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"

    set optimization aggressive
    scrub in all
    nat on $ext_if from $internal_net to any -> 218.85.158.244/32
    block all
    pass quick on lo0 all
    pass quick on tun0 all
    pass in on $int_if from any to any keep state
    pass out on $int_if from any to any keep state
    block drop in quick on $ext_if from $priv_nets to any
    block drop out quick on $ext_if from any to $priv_nets
    pass out on $ext_if proto tcp all modulate state flags S/SA
    pass out on $ext_if proto { udp, icmp } all keep state

Restart the office and home hosts, then start OpenVPN:

    # cd /etc/openvpn
    # ./openvpn-startup.sh

Then test from the LAN clients:

1. From client A, ping a client in the other LAN.
2. From client B, ping 192.168.0.45.
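Before starting the tunnel, the files this configuration relies on can be checked with a small script. This is an added example, not part of the original post: the function names and the sample files in the scratch directory are constructed, and relative paths are assumed to resolve against the directory that holds the .conf file.

```sh
#!/bin/sh
# Added example: pre-flight checks for the static-key setup described above.

# conf_value <conf> <directive>: print the first argument of a directive.
conf_value() {
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

# owner_only <file>: succeed only if no group/other permission bit is set.
owner_only() {
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# forwarding_enabled <sysctl.conf>: succeed if the IPv4 line is uncommented.
forwarding_enabled() {
    grep -Eq '^[[:space:]]*net\.inet\.ip\.forwarding[[:space:]]*=[[:space:]]*1' "$1"
}

# check_static_conf <conf>: report problems, return non-zero if any found.
# Assumption: relative paths are resolved against the directory of <conf>,
# which matches starting openvpn after "cd /etc/openvpn".
check_static_conf() {
    conf=$1; rc=0; dir=$(dirname "$conf")
    key=$(conf_value "$conf" secret)
    up=$(conf_value "$conf" up)
    [ -n "$key" ] || { echo "no secret directive in $conf"; return 1; }
    case $key in /*) ;; *) key="$dir/${key#./}" ;; esac
    owner_only "$key" || { echo "key missing or group/other-accessible: $key"; rc=1; }
    if [ -n "$up" ]; then
        case $up in /*) ;; *) up="$dir/${up#./}" ;; esac
        [ -x "$up" ] || { echo "up script missing or not executable: $up"; rc=1; }
    fi
    return $rc
}

# Constructed sample files in a scratch directory (not real key material).
demo=$(mktemp -d)
printf 'dev tun0\nup ./home.up\nsecret %s/static.key\n' "$demo" > "$demo/static-home.conf"
printf '#!/bin/sh\n' > "$demo/home.up"; chmod 755 "$demo/home.up"
echo "placeholder, not a key" > "$demo/static.key"; chmod 644 "$demo/static.key"
printf '#net.inet.ip.forwarding=1\n' > "$demo/sysctl.conf"

check_static_conf "$demo/static-home.conf" || echo "fix the problems above before starting openvpn"
forwarding_enabled "$demo/sysctl.conf" || echo "net.inet.ip.forwarding is still commented out"
```

On the real hosts the same functions would be pointed at /etc/openvpn/static-home.conf and /etc/sysctl.conf; with a static key anyone who can read the key file can decrypt the tunnel traffic, so the permission check matters most.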