BugOverflow
15/03/2020 10:29 am
Topic starter
example config for server and system
1 Answer
0
15/03/2020 10:32 am
Topic starter
1. openvpn subnet 176.16.50.0, gateway 172.16.5.1
port 1194
proto udp
dev tun
ca /usr/local/etc/openvpn/server/ca.crt
cert /usr/local/etc/openvpn/server/issued/server.crt
key /usr/local/etc/openvpn/server/private/server.key
dh /usr/local/etc/openvpn/server/dh.pem
topology subnet
mode server
tls-server
push "topology subnet"
ifconfig 172.16.50.1 255.255.255.0
ifconfig-pool 172.16.50.2 172.16.50.250
route 172.16.0.0 255.255.0.0
route-gateway 172.16.50.1
push "route-gateway 172.16.50.1"
push "route 172.16.0.0 255.255.0.0"
push "dhcp-option DNS 1.1.1.1"
client-to-client
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log-append /var/log/openvpn/openvpn.log
verb 1
explicit-exit-notify 1
auth sha512
remote-cert-tls client
tls-auth /usr/local/etc/openvpn/server/ta.key
sndbuf 393216
rcvbuf 393216
push "sndbuf 393216"
push "rcvbuf 393216"
3. edit /etc/pf.conf
nat on vtnet1 from 172.16.50.0/24 to any -> vtnet1
vtnet1 is the interface connected to the other subnet in 172.16.X.X, for example 172.16.5.15 or another IP; 176.16.50 is the VPN subnet
4. reload
pfctl -f /etc/pf.conf
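
A consistency check for the two files in the post above, as an added example that is not part of the original post: it confirms the pf NAT source network equals the subnet implied by the OpenVPN `ifconfig` line, that the pool and gateway fall inside it, and flags any directive repeated with different arguments. The function names and the trimmed sample inputs are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample input: only the directives from the post that matter here.
SERVER_CONF = """\
topology subnet
ifconfig 172.16.50.1 255.255.255.0
ifconfig-pool 172.16.50.2 172.16.50.250
route-gateway 172.16.50.1
tls-auth ta.key 0 # This file is secret
tls-auth /usr/local/etc/openvpn/server/ta.key
"""
PF_CONF = "nat on vtnet1 from 172.16.50.0/24 to any -> vtnet1\n"

# parse_directives() and lint() are hypothetical helper names, not OpenVPN or pf tooling.
def parse_directives(text):
    """Map each OpenVPN directive to the list of argument lists it appears with."""
    seen = {}
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()  # drop trailing comments
        if words:
            seen.setdefault(words[0], []).append(words[1:])
    return seen


def lint(server_conf, pf_conf):
    """Return a list of findings; an empty list means the two files agree."""
    d, findings = parse_directives(server_conf), []
    for name, uses in d.items():
        if len(uses) > 1 and any(u != uses[0] for u in uses):
            findings.append(f"{name} given {len(uses)} times with different arguments")
    addr, mask = d["ifconfig"][0]  # topology subnet form: local address, netmask
    vpn_net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    for ip in d.get("ifconfig-pool", [[]])[0][:2] + d.get("route-gateway", [[]])[0][:1]:
        if ipaddress.ip_address(ip) not in vpn_net:
            findings.append(f"{ip} is outside VPN subnet {vpn_net}")
    nat_sources = re.findall(r"^nat on \S+ from (\S+) to", pf_conf, re.M)
    if not nat_sources:
        findings.append("no pf nat rule found")
    for src in nat_sources:  # literal CIDR sources only; pf macros and tables are not resolved
        if ipaddress.ip_network(src, strict=False) != vpn_net:
            findings.append(f"pf nat source {src} does not match VPN subnet {vpn_net}")
    return findings


if __name__ == "__main__":
    for finding in lint(SERVER_CONF, PF_CONF):
        print(finding)
```

A NAT rule whose source network differs from the tunnel subnet leaves VPN clients untranslated, so this is worth running before `pfctl -f /etc/pf.conf`.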