good day i wanted to set up a VPN, to connect to my Nextcloud server at home (encrypted and all), using an smole extern Server i already have.
The VPN is ther by an extra layer of protection and also cause it mades the connecting betwin the devices esayer cause i got no ipv4 at home.
so i found a guide (https://averagelinuxuser.com/linux-vpn-server/)
unsing this script: https://raw.githubusercontent.com/Angri ... install.sh
in it selfe the VPN works, even my trafic gets reroutet.
But on problem i cannot ping or call the other client(Nextcloud server).
So my question ther for is, what do i have to change in my config:
Server side:
port [censored]
proto udp6
dev tun
user [censored]
group [censored]
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 1.0.0.1"
push "dhcp-option DNS 1.1.1.1"
push "redirect-gateway def1 bypass-dhcp"
server-ipv6 [censored?]
tun-ipv6
push tun-ipv6
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server[censored].crt
key server[censored].key
auth [censored]
cipher [censored]
ncp-ciphers [censored]
tls-server
tls-version-min 1.2
tls-cipher [censored]
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3
Client side:
proto udp
explicit-exit-notify
remote [censored]:[censored]
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name [censored] name
auth [censored]
auth-nocache
cipher [censored]
tls-client
tls-version-min 1.2
tls-cipher [censored]
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
-----BEGIN CERTIFICATE-----
[censored]
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
[censored]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
[censored]
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[censored]
-----END OpenVPN Static key V1-----
</tls-crypt>
Client to Client
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Client to Client
Openvpn has a server side option called --client-to-client
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Oct 05, 2021 11:23 am
Re: Client to Client
Do just have to copy that into the Config ??TinCanTech wrote: ↑Tue Oct 05, 2021 12:00 pmOpenvpn has a server side option called --client-to-client
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Oct 05, 2021 11:23 am
Re: Client to Client
okay i just addet it to the server.conf but still can not ping other devices
is ther any order thes confs are written in
(i made sure to restart the service)
is ther any order thes confs are written in
(i made sure to restart the service)
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Oct 05, 2021 11:23 am
Re: Client to Client
i tryt to add --client-to-client and client-to-client
i also tryt
iptables -A FORWARD -s 10.8.0.4 -d 10.8.0.2 -j ACCEPT
iptables -A FORWARD -s 10.8.0.2 -d 10.8.0.4 -j ACCEPT
last crashes the service btw
i also tryt
iptables -A FORWARD -s 10.8.0.4 -d 10.8.0.2 -j ACCEPT
iptables -A FORWARD -s 10.8.0.2 -d 10.8.0.4 -j ACCEPT
last crashes the service btw
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Client to Client
In the config file you add:
Code: Select all
client-to-client