In this configuration all clients are in bridge.
This config is without encryption.
Before you start you need to generate ca.crt, server.crt, server.key, dh1024.pem and clients keys and certificates
#Begin server.conf
local x.x.x.x
port 1194
proto udp
dev tap
server-bridge 192.168.100.10 255.255.255.0 192.168.100.129 192.168.100.254
ca /usr/local/etc/keys/ca.crt
cert /usr/local/etc/keys/server.crt
key /usr/local/etc/keys/server.key # This file should be kept secret
dh /usr/local/etc/keys/dh1024.pem
# Don't put this in the keys directory unless user nobody can read it
#crl-verify /usr/local/etc/keys/crl.pem
#Make sure this is your tunnel address pool
#server 10.10.101.0 255.255.255.0
ifconfig-pool-persist ipp.txt
#This is the route to push to the client, add more if necessary
#push "dhcp-option DNS 10.0.0.2"
keepalive 10 120
#cipher BF-CBC #Blowfish encryption
cipher none
###comp-lzo
user nobody
group nobody
persist-key
persist-tun
client-to-client
status openvpn-status.log
verb 6
mute 20
#client-config-dir /usr/local/etc/openvpn/ccd
ping-restart 0
=====================================================
cat ipp.txt
1.example.com,10.10.101.8
2.example.com,10.10.101.12
3.example.com,10.10.101.16
4.example.com,10.10.101.20
5.example.com,10.10.101.24
6.example.com,10.10.101.28
7.example.com,10.10.101.32
8.example.com,10.10.101.36
9.example.com,10.10.101.40
10.example.com,10.10.101.44
11.example.com,10.10.101.48
===============================================================
===============================================================
CLIENT SIDE
client
dev tap
proto udp
remote x.x.x.x 1194 #server ip address
resolv-retry infinite
nobind
persist-key
persist-tun
ca /tmp/openvpncl/ca.crt
cert /tmp/openvpncl/client.crt
key /tmp/openvpncl/client.key
#comp-lzo
ping-restart 0
cipher none
Aici veti gasi detalii tehnice despre cum se pot realiza configurari software+ hardware.
Here you can find tehnical details about software/hardware configuration.
Abonați-vă la:
Postare comentarii (Atom)
Niciun comentariu:
Trimiteți un comentariu