Created
April 18, 2013 05:58
-
-
Save AymericG/5410475 to your computer and use it in GitHub Desktop.
server.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| port 1194 | |
| proto udp | |
| # "dev tun" will create a routed IP tunnel, | |
| # "dev tap" will create an ethernet tunnel. | |
| dev tun | |
| ca /etc/openvpn/server/ca.crt | |
| cert /etc/openvpn/server/server.crt | |
| key /etc/openvpn/server/server.key # This file should be kept secret | |
| dh /etc/openvpn/server/dh2048.pem | |
| # Configure server mode and supply a VPN subnet | |
| # for OpenVPN to draw client addresses from. | |
| # The server will take 10.8.0.1 for itself, | |
| # the rest will be made available to clients. | |
| # Each client will be able to reach the server | |
| # on 10.8.0.1. Comment this line out if you are | |
| # ethernet bridging. See the man page for more info. | |
| server 10.215.1.0 255.255.255.0 | |
| ifconfig-pool-persist /etc/openvpn/server/ipp.txt | |
| # Push routes to the client to allow it | |
| # to reach other private subnets behind | |
| # the server. Remember that these | |
| # private subnets will also need | |
| # to know to route the OpenVPN client | |
| # address pool (10.8.0.0/255.255.255.0) | |
| # back to the OpenVPN server. | |
| ;push "route 192.168.10.0 255.255.255.0" | |
| ;push "route 192.168.20.0 255.255.255.0" | |
| push "route 172.18.0.0 255.255.255.0" | |
| push "route 172.18.1.0 255.255.255.0" | |
| # To assign specific IP addresses to specific | |
| # clients or if a connecting client has a private | |
| # subnet behind it that should also have VPN access, | |
| # use the subdirectory "ccd" for client-specific | |
| # configuration files (see man page for more info). | |
| # EXAMPLE: Suppose the client | |
| # having the certificate common name "Thelonious" | |
| # also has a small subnet behind his connecting | |
| # machine, such as 192.168.40.128/255.255.255.248. | |
| # First, uncomment out these lines: | |
| ;client-config-dir ccd | |
| ;route 192.168.40.128 255.255.255.248 | |
| # Then create a file ccd/Thelonious with this line: | |
| # iroute 192.168.40.128 255.255.255.248 | |
| # This will allow Thelonious' private subnet to | |
| # access the VPN. This example will only work | |
| # if you are routing, not bridging, i.e. you are | |
| # using "dev tun" and "server" directives. | |
| client-config-dir /etc/openvpn/server/ccd | |
| #route 172.18.1.0 255.255.255.0 #MATTHEW -> THIS ROUTE WAS CAUSING ISSUE | |
| keepalive 10 120 | |
| comp-lzo | |
| persist-key | |
| persist-tun | |
| status /etc/openvpn/server/openvpn-status.log | |
| verb 3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment