Konfigurák klienta:
# rezim client
client
# definujeme rozhrani TAP (stejne jako na serveru)
dev tap
# definujeme protokol
proto tcp
# Zde zadejte adresu sveho serveru
remote 90.178.122.45 1194
# Pokud mate Dial-up, tohle je velmi dobry parametr
resolv-retry infinite
# definujeme, ze neni treba navazat se k specifickemu lokalnimu portu
nobind
pull
# Pro ne-Windows klienty muzete snizit po pripojeni privilegia
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
# bezdratove site velmi casto opakuji nektere pakety. Workaround.
mute-replay-warnings
# SSL/TLS nastaveni. certifikat serveru/autority a certifikat a klic klienta
ca "C:\\Program Files (x86)\\OpenVPN\\config\\keys\\firma\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\keys\\firma\\uzivatel.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\keys\\firma\\uzivatel.key"
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server
# TLS autentikace na strane klienta
#tls-auth "C:\\Program Files (x86)\\OpenVPN\\config\\keys\\firma\\ta.key" 1
route-method exe
route-delay 2
# Komprese datoveho toku
comp-lzo
# Mira ukecanosti logu
verb 3
Routovací tabulky:
1, destination:10.10.1.0 gateway 10.0.0.100 mask 255.255.255.0
2, destination:10.10.0.0 gateway 10.0.0.138 mask 255.255.255.0
Server mi ukazuje ze adresa vpn je 10.10.1.1 a jeho lokální adresa je 10.0.0.100
Firewall na serveru je vypnutý, myslím ten windowsáckej, jinej tam neni a v natu mam povolenej port 1194 pro spojeni k vpn serveru
Mám sem dát ještě něco? Díky moc.