The server is not on a 192.168.x.x network, it's on a 10.10.x.x network, hence the change. But I am probably doing a half a dozen things wrong.
My server.conf is:
Code: Select all
port 1194
dev tun
tls-server
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/xx.crt
key /etc/openvpn/keys/xx.key
dh /etc/openvpn/keys/dh.pem
mode server
ifconfig 10.8.0.1 10.8.0.2
ifconfig-pool 10.8.0.4 10.8.0.255
push "route 10.8.0.1 255.255.255.255"
push "route 10.10.0.0 255.255.255.0"
push "dhcp-option DOMAIN example.com"
push "dhcp-option DNS 10.10.0.1"
push "dhcp-option WINS 10.10.0.1"
keepalive 10 60
inactive 600
route 10.8.0.0 255.255.255.0
user openvpn
group openvpn
persist-tun
persist-key
verb 4
Code: Select all
port 1194
dev tun
remote some.address.here
tls-client
ca ca.crt
cert xx.crt
key xx.key
dh dh.pem
pull
verb 4
Additionally: I get prompted for a password when starting the server, which I'd really like to avoid. Any ideas?
Code: Select all
# systemctl start openvpn-server@server.service
Enter Private Key Password: