I have the following configuration:
# OpenVPN server configuration: routed tunnel (tun device) over UDP port 1194.
dev tun
proto udp
port 1194
# Status snapshot and log file; verb 3 is within the normal-usage verbosity range.
status /var/log/openvpn-status.log
log /var/log/openvpn.log
verb 3
# Keep the tun device and the already-loaded key material across soft restarts.
persist-tun
persist-key
# PKI material: CA certificate, server certificate, server private key, DH parameters.
# NOTE(review): these paths are inside the easy-rsa working directory. If ca.key is
# kept there as well, the CA private key sits on the internet-facing VPN host —
# confirm, and keep the CA key offline if so. raspberrypi.key should be root-only.
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/raspberrypi.crt
key /etc/openvpn/easy-rsa/keys/raspberrypi.key
dh /etc/openvpn/easy-rsa/keys/dh4096.pem
# Pre-shared HMAC key for control-channel packets; key direction 0 is the server
# side, clients use the same key file with direction 1.
tls-auth /etc/openvpn/easy-rsa/keys/tlsauth.key 0
# Data-channel cipher and HMAC digest; clients must be configured to match.
# NOTE(review): newer OpenVPN releases can negotiate an AEAD cipher instead of
# the value given here — check the behaviour of the installed version.
cipher AES-256-CBC
auth SHA512
# Ping the peer every 10 s; restart the connection after 120 s of silence.
keepalive 10 120
# Allowed control-channel TLS suites, all DHE-RSA (forward secrecy).
# NOTE(review): the last entry (…-CBC-SHA) uses SHA-1 for its MAC; drop it unless
# an older client depends on it.
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
# Address pool for VPN clients; the server takes 192.168.178.1 on its tun interface.
# NOTE(review): 192.168.178.0/24 is also a common home-router LAN range. If the
# LAN behind this host uses the same range, tunnel and LAN overlap and routing
# between them becomes ambiguous — confirm, and use a distinct subnet if so.
server 192.168.178.0 255.255.255.0
tls-server
# Refuse TLS handshakes below version 1.2.
tls-version-min 1.2
auth-nocache
# Allows several clients to connect with the same certificate / common name.
# NOTE(review): this removes per-device accountability and makes use of a copied
# client key harder to notice; prefer one certificate per device and remove this
# line unless shared certificates are really needed.
duplicate-cn
# Send all client IPv4 traffic through the tunnel.
# NOTE(review): IPv6 is not redirected by this line; a client with native IPv6
# may still send that traffic outside the VPN — verify on the clients.
push "redirect-gateway def1"
# 192.168.178.1 lies inside the `server` pool above, where it is the server's own
# tunnel address. NOTE(review): a resolver must be listening on that address or
# client DNS lookups will fail — confirm.
push "dhcp-option DNS 192.168.178.1"
# Only has an effect on Windows clients.
push "block-outside-dns"
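#!/bin/bash
#
# Rebuild the IPv4 forwarding/NAT rules for the OpenVPN gateway and persist
# them to /etc/iptables/rules.v4. Needs root.
#
# What it does, in order:
#   1. flushes all rules in the filter and nat tables (-F leaves chain
#      policies as they are, and also removes rules installed by other tools)
#   2. FORWARD: accept replies to tracked connections, accept everything that
#      arrives on tun0, reject the rest
#   3. nat: masquerade 192.168.178.0/24 when it leaves through eth0
#   4. saves the running ruleset
#
# Outside this script's scope, worth checking on the host:
#   - INPUT and OUTPUT end up with no rules, so their chain policy alone
#     decides what can reach the host itself.
#   - Only iptables (IPv4) is configured; ip6tables is untouched.
#   - Forwarding needs net.ipv4.ip_forward=1; it is not set here.

# Abort on the first failure so a partially built ruleset is never persisted.
set -euo pipefail

readonly VPN_IF='tun0'
readonly WAN_IF='eth0'
# Same network as the `server` line of the OpenVPN configuration.
readonly VPN_NET='192.168.178.0/24'
readonly RULES_FILE='/etc/iptables/rules.v4'

iptables -t filter -F
iptables -t nat -F

# conntrack/--ctstate is the current spelling of the older state/--state match.
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# VPN clients may open connections to any destination reachable from this host
# (the LAN included); add -d / -o restrictions here to narrow that.
iptables -A FORWARD -i "$VPN_IF" -j ACCEPT
iptables -A FORWARD -j REJECT

iptables -t nat -A POSTROUTING -s "$VPN_NET" -o "$WAN_IF" -j MASQUERADE

# Capture the dump before touching the rules file: with a plain
# `iptables-save > file` the shell truncates the file first, so a failing
# iptables-save would leave an empty rules file behind.
saved_rules=$(iptables-save)
printf '%s\n' "$saved_rules" > "$RULES_FILE"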
Thanks in advance.