Our private network at work is 192.168.0.0/22. My private network at home is 10.20.20.0/24. I'm going to use port 443/tcp at work for the server, since all other ports (except 80/tcp, that's already in use) are blocked from incoming traffic.
So I created all the certificates/keys for both the server and the client, but I'm a bit confused about how to configure the server. This is what my server.conf looks like right now:
proto tcp
port 443
dev tun0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/name-of-server.crt
key /etc/openvpn/private/name-of-server.key
dh /etc/openvpn/dh1024.pem
server 10.42.42.0 255.255.255.0
float
keepalive 10 120
comp-lzo
user _openvpn
group _openvpn
daemon openvpn
persist-key
persist-tun
push "route 192.168.0.0 255.255.252.0"
route 10.20.20.0 255.255.255.0
client-config-dir /etc/openvpn/ccd
server 10.42.42.0 255.255.255.0
I just put some random net here, this is what the tun0-interface will use? Should it be a "random" private network not in use, or should I use the same net as our private network at work (192.168.0.0/22)?
push "route 192.168.0.0 255.255.252.0"
As I understand it, this will "present" the work network to the VPN client? Am I correct?
route 10.20.20.0 255.255.255.0
I'm not really sure what this does. Should I put my home network here, or something else?
It would also be nice to get a suggestion on what the client.conf should look like.
Thanks!
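
Added example, not part of the original post: a Python check over the three routing lines quoted above, assuming the usual OpenVPN requirement that the `server` tunnel subnet is distinct from every LAN reached through the tunnel. The function names are hypothetical, and the second input (work LAN reused as the tunnel subnet) is constructed to show the failing case.

```python
import ipaddress
import re

# Routing lines from the server.conf posted above.
POSTED = '''
server 10.42.42.0 255.255.255.0
push "route 192.168.0.0 255.255.252.0"
route 10.20.20.0 255.255.255.0
'''

def parse_networks(conf):
    """Collect the tunnel subnet, pushed routes and server-side routes."""
    nets = {"server": None, "push": [], "route": []}
    pattern = re.compile(r'^(server|route|push\s+"route)\s+(\S+)\s+([\d.]+)"?$')
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        m = pattern.match(line)
        if not m:
            continue
        # ip_network rejects an address with host bits set (ValueError).
        net = ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}")
        if m.group(1) == "server":
            nets["server"] = net
        elif m.group(1) == "route":
            nets["route"].append(net)
        else:
            nets["push"].append(net)
    return nets

def find_overlaps(conf):
    """Return a list of address-space conflicts found in the config text."""
    nets = parse_networks(conf)
    tunnel, problems = nets["server"], []
    for kind in ("push", "route"):
        for net in nets[kind]:
            if tunnel is not None and tunnel.overlaps(net):
                problems.append(f"tunnel {tunnel} overlaps {kind} {net}")
    # The LAN behind the server and the LAN behind the client must differ too.
    for a in nets["push"]:
        for b in nets["route"]:
            if a.overlaps(b):
                problems.append(f"push {a} overlaps route {b}")
    return problems

if __name__ == "__main__":
    print("as posted:", find_overlaps(POSTED) or "no overlaps")
    # Constructed variant: work LAN reused as the tunnel subnet.
    reused = POSTED.replace("server 10.42.42.0 255.255.255.0",
                            "server 192.168.0.0 255.255.252.0")
    print("work LAN as tunnel:", find_overlaps(reused))
```

For the `route 10.20.20.0 255.255.255.0` line to carry traffic, OpenVPN also needs a matching `iroute` entry in that client's file under `client-config-dir`; this check does not cover that.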