Code:
explicit-exit-notify 1
fast-io
script-security 3
# Specify protocol and port
proto udp
port 8443
topology subnet
# Specify the network and subnet
server 10.8.0.0 255.255.252.0
# Enable persistent connections
keepalive 10 120
# Use the tun device for routing
dev tun
auth SHA256
# Encryption
cipher CHACHA20-POLY1305
tls-ciphersuites TLS_CHACHA20_POLY1305_SHA256
data-ciphers CHACHA20-POLY1305:AES-128-GCM
dh /etc/openvpn/keys/dh.pem
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/EdVPN.crt
key /etc/openvpn/keys/EdVPN.key
# Configure logging
status /etc/openvpn/log/status.log 1
status-version 2
log /etc/openvpn/log/openvpn.log
verb 1
verify-client-cert none
push "dhcp-option DNS 8.8.8.8"
push "redirect-gateway def1 bypass-dhcp"
mute-replay-warnings
username-as-common-name
ping-timer-rem
persist-tun
persist-key
txqueuelen 2000
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /etc/openvpn/scripts/auth.sh
tun-mtu 1500
mssfix 1420
My IPIP tunnel has 10.0.0.2 (the VPN server itself) and 10.0.0.1 (the server I want to route that specific IP through).
Right now, from the terminal, both servers can see and ping each other.