Server settings

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
attiliovolpe
OpenVpn Newbie
Posts: 3
Joined: Sun Mar 26, 2023 11:03 am

Server settings

Post by attiliovolpe » Mon Jan 08, 2024 9:25 am

Good morning,

I had for long time an OPENVPN server up and running on a Raspberry pI4, now I'm going to set a new device and even using the same setting used on the other already set and working, I have a problem:

I get connected from the client, but unfortunately I don't see the network behind the server like before and is not possible to ping any address of the remote networ.

Hereby the server.conf:

Code: Select all

# OpenVPN -  Porte, Protocollo, e Tun

proto udp
dev tun
port 1194


# OpenVPN - Certificato Server, CA, e key

ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/raspyservervpn.crt
key /etc/openvpn/server/raspyservervpn.key


# Chiave DH

dh /etc/openvpn/server/dh.pem

# Configurazione di rete - Network Interna

server 10.10.8.0 255.255.255.0

# Decommenta questa riga per redirige tutte le connessioni attraverso il server OpenVPN
#push "redirect-gateway def1"

#Senza la riga successiva non vedo al rete remota ***COPIATO DAL PRECEDENTE FILE FUNZIONANTE ***
push "redirect-gateway def1 bypass-dhcp"

# Configurazione DNS - Usiamo quelli di Google
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

#Tramite “persist-key” non vengono letti di nuovo i file “key” e con “persist-tun” non vengono avviati di 
#nuovo i driver TUN e TAP per l’accesso di rete

persist-key
persist-tun

#Riducete i permessi del demone di OpenVPN tramite “user nobody” e “group nogroup”. 
#Con “status /var/log/openvpn-status.log” create un file per le informazioni di stato, 
#che vi mostrano la connessione attuale.

user nobody
group nogroup

keepalive 20 60
verb 3

#La prossima riga consente la connessione client to client, gli indirizzi IP della rete remota saranno visibili
client-to-client

#compress lz4-v2
comp-lzo

#Permetti la connessioni di client multipli con la stessa chiave

duplicate-cn

# Sicurezza TLS

cipher AES-256-CBC
tls-version-min 1.0
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache

# Log

status /var/log/openvpn-status.log
log-append /var/log/openvpn.log
verb 3



and hereby the client.ovpn:

Code: Select all

client
dev tun
proto udp
remote aliasdns xxxxxx (porta)

cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.0
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256

resolv-retry infinite
#compress lz4-v2
comp-lzo
nobind
persist-key
persist-tun
mute-replay-warnings
verb 3

<ca>



</ca>


<cert>



</cert>


<key>



</key>

Any helping will be appreciated.

Post Reply