Client to Client

This forum is for general conversation and user-user networking.

Moderators: TinCanTech
lhw1221
OpenVpn Newbie
Posts: 4
Joined: Tue Oct 05, 2021 11:23 am

Client to Client

Post by lhw1221 » Tue Oct 05, 2021 11:45 am

Good day, I wanted to set up a VPN to connect to my Nextcloud server at home (encrypted and all), using a small external server I already have.
The VPN is thereby an extra layer of protection, and also because it makes connecting between the devices easier, because I have no IPv4 at home.

So I found a guide (https://averagelinuxuser.com/linux-vpn-server/)
using this script: https://raw.githubusercontent.com/Angri ... install.sh
In itself the VPN works, even my traffic gets rerouted.
But one problem: I cannot ping or call the other client (Nextcloud server).

So my question therefore is, what do I have to change in my config:

Server side:

port [censored]
proto udp6
dev tun
user [censored]
group [censored]
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 1.0.0.1"
push "dhcp-option DNS 1.1.1.1"
push "redirect-gateway def1 bypass-dhcp"
server-ipv6 [censored?]
tun-ipv6
push tun-ipv6
push "route-ipv6 2000::/3"
push "redirect-gateway ipv6"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server[censored].crt
key server[censored].key
auth [censored]
cipher [censored]
ncp-ciphers [censored]
tls-server
tls-version-min 1.2
tls-cipher [censored]
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3


Client side:

proto udp
explicit-exit-notify
remote [censored]:[censored]
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name [censored] name
auth [censored]
auth-nocache
cipher [censored]
tls-client
tls-version-min 1.2
tls-cipher [censored]
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
-----BEGIN CERTIFICATE-----
[censored]
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
[censored]
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
[censored]
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
[censored]
-----END OpenVPN Static key V1-----
</tls-crypt>

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client to Client

Post by TinCanTech » Tue Oct 05, 2021 12:00 pm

OpenVPN has a server-side option called --client-to-client

lhw1221
OpenVpn Newbie
Posts: 4
Joined: Tue Oct 05, 2021 11:23 am

Re: Client to Client

Post by lhw1221 » Tue Oct 05, 2021 12:12 pm

TinCanTech wrote:
Tue Oct 05, 2021 12:00 pm
OpenVPN has a server-side option called --client-to-client
Do I just have to copy that into the config?

lhw1221
OpenVpn Newbie
Posts: 4
Joined: Tue Oct 05, 2021 11:23 am

Re: Client to Client

Post by lhw1221 » Tue Oct 05, 2021 1:24 pm

Okay, I just added it to the server.conf but still cannot ping other devices.
Is there any order these configs are written in?

(I made sure to restart the service.)

lhw1221
OpenVpn Newbie
Posts: 4
Joined: Tue Oct 05, 2021 11:23 am

Re: Client to Client

Post by lhw1221 » Tue Oct 05, 2021 2:05 pm

I tried to add --client-to-client and client-to-client.
I also tried:
iptables -A FORWARD -s 10.8.0.4 -d 10.8.0.2 -j ACCEPT
iptables -A FORWARD -s 10.8.0.2 -d 10.8.0.4 -j ACCEPT

The last crashes the service, btw.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Client to Client

Post by TinCanTech » Tue Oct 05, 2021 2:28 pm

In the config file you add:

client-to-client

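A check for the situation discussed in this thread, as an added example that is not from the posters or the OpenVPN project: it parses server.conf text, reports whether client-to-client is set and what that means for host firewalling, and flags shell commands such as iptables that ended up inside the config, where OpenVPN rejects them as unrecognized options. The sample config is constructed from directives posted above, and the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample: a subset of the server directives posted in the thread,
# plus one shell command pasted into the file to show how it is flagged.
SAMPLE_CONF = """\
dev tun
topology subnet
server 10.8.0.0 255.255.255.0
client-config-dir /etc/openvpn/ccd
client-to-client
iptables -A FORWARD -s 10.8.0.4 -d 10.8.0.2 -j ACCEPT
verb 3
"""

# Commands that belong in a shell or firewall script, not in server.conf.
SHELL_COMMANDS = {"iptables", "ip6tables", "nft", "sysctl", "systemctl"}

def audit_server_conf(text):
    """Return (client_to_client, vpn_network, misplaced_shell_lines)."""
    c2c, network, misplaced = False, None, []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        # shlex drops '#' comments and honours quoted arguments.
        tokens = shlex.split(raw, comments=True)
        if not tokens:
            continue
        # The thread mentions both spellings; compare on the bare name.
        name = tokens[0][2:] if tokens[0].startswith("--") else tokens[0]
        if name in SHELL_COMMANDS:
            misplaced.append((lineno, raw.strip()))
        elif name == "client-to-client":
            c2c = True
        elif name == "server" and len(tokens) >= 3:
            network = ipaddress.ip_network(f"{tokens[1]}/{tokens[2]}")
    return c2c, network, misplaced

def report(text):
    c2c, network, misplaced = audit_server_conf(text)
    lines = [f"VPN network: {network}"]
    if c2c:
        lines.append("client-to-client: on. OpenVPN relays client traffic "
                     "itself, so host FORWARD rules do not filter it.")
    else:
        lines.append("client-to-client: off. Clients reach each other only if "
                     "the host forwards and permits traffic on the tun device.")
    lines += [f"line {n}: shell command, not a directive: {c}" for n, c in misplaced]
    return lines
```

With client-to-client enabled, every connected client can reach every other one, so per-client restrictions have to be enforced on the clients themselves or by leaving the option off and filtering on the server's tun interface.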