Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (client1 LAN: 192.168.10.0/24
- (OpenVPN client: client1, 192.168.10.101)
- |
- |
- v
- (NAT router,
- *dynamic* internet IP: 178.1.2.3)
- |
- |
- (...internet...)
- |
- |
- v
- (OpenVPN server,
- *static* IP:
- 1.2.3.4) <--- (...internet...) <--- (OpenVPN client,
- *dynamic* internet IP:
- client2, 88.1.2.3)
- # cat /etc/openvpn/graphyc.conf
- server 10.8.0.0 255.255.255.0
- verb 3
- key server-key.pem
- ca ca.pem
- cert server-cert.pem
- dh dh.pem
- keepalive 10 120
- persist-key
- persist-tun
- comp-lzo
- user nobody
- group nogroup
- # dir "clients" is chown'ed to nobody:nogroup
- client-config-dir clients
- client-to-client
- push "route 192.168.10.0 255.255.255.0"
- route 192.168.10.0 255.255.255.0
- proto udp
- port 1194
- dev tun
- # cat /etc/openvpn/clients/client1
- ifconfig-push 10.8.0.101 10.8.0.5
- iroute 192.168.10.0 255.255.255.0
- # cat /etc/openvpn/client1.conf
- client
- remote 1.2.3.4 1194 udp
- nobind
- dev tun
- comp-lzo yes
- verb 3
- explicit-exit-notify 5
- key /etc/openvpn/client1-key.pem
- cert /etc/openvpn/client1-cert.pem
- ca /etc/openvpn/ca.pem
- # cat /etc/openvpn/client2.conf
- client
- remote 1.2.3.4 1194 udp
- nobind
- dev tun
- comp-lzo yes
- verb 3
- explicit-exit-notify 5
- key /etc/openvpn/client2-key.pem
- cert /etc/openvpn/client2-cert.pem
- ca /etc/openvpn/ca.pem
- Sat Nov 18 11:48:29 2017 client2/88.1.2.3:48069 MULTI: Learn: 192.168.10.211 -> client1/178.1.2.3:52928
Add Comment
Please, Sign In to add comment
