VPN Server IP
a.b.c.99
VPN Subnet IP
a.b.c.104 ~ a.b.c.107 (255.255.255.252)
VPN Server tun IP(a.b.c.105)
a.b.c.105
Client tun IP (a.b.c.106)
a.b.c.106
Route:
Use VPN server as default route
Server (a.b.c.99)
#Create conf
vi /etc/openvpn
# VPN server tun IP and VPN subnet netmask (size)
ifconfig a.b.c.105 255.255.255.252
# Some common settings
port 1194
proto tcp-server
mode server
tls-server
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
keepalive 10 120
comp-lzo
# VPN IP pool
ifconfig-pool a.b.c.106 a.b.c.107
# Use VPN server tun IP as gateway for VPN subnet
push "route-gateway a.b.c.105"
# vpn server use tun as route dev for vpn subnet
topology subnet
# vpn client use tun as route devo for vpn subnet
push "topology subnet"
# Use VPN server as default gateway
push "redirect-gateway def1 bypass-dhcp"
# Make VPN client user use 8.8.8.8 as defualt DNS
push "dhcp-option DNS 8.8.8.8"
#Enable Client to client traffic
client-to-client
#Enable forward
iptables -I FORWARD -j ACCEPT
hi,
ReplyDeleteon ubuntu 12.04 LTS 64 Bit:
ERROR: There is a clash between the --ifconfig local address and the internal DHCP server address -- both are set to a.b.c.106 -- please use the --ip-win32 dynamic option to choose a different free address from the --ifconfig subnet for the internal DHCP server
Client: Windows open vpn client