![]() ![]() Each client will be able to reach the server on 10.8.0.1. ![]() The server will take 10.8.0.1 for itself, the rest will be made available # to clients. # Configure server mode and supply a VPN subnet for OpenVPN to draw client addresses # from. Should be subnet (addressing via IP) # unless Windows clients v2.0.9 and lower have to be supported # (then net30, i.e. Remember to use a unique Common Name for the server # and each of the client certificates. # See the "easy-rsa" directory for a series of scripts for generating RSA certificates # and private keys. # The server and all clients will use the same ca file. # Each client and the server must have their own cert and key file. # SSL/TLS root certificate (ca), certificate (cert), and private key (key). Paste/replace content with next: port 888 # transmit encapsulated tunnel traffic over TCP or UDP? Open file in editor: sudo nano /etc/openvpn/nf On new host, install openvpn: sudo apt install openvpn This guide is compatible with providing IPv6 protocol via tunnel out of the box: on each client it creates routes for both IPv4 and IPv6 addresses, however to use IPv6 you have to make sure your server has IPv6 address too. It could be any VPS, for example we tested it on AWS EC2 in us-east-1 Data Center (USA). First of all you need to rent any cheap VPS server from Data Center located in desired country.
0 Comments
Leave a Reply. |