ich habe auf Debian Stretch einen OpenVPN-Server installiert und mit folgender server.conf gestartet:
Code: Alles auswählen
local 192.168.1.6
port 1194
proto udp
dev tun
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/mariadb.wisoserver.com.crt
key /etc/openvpn/easy-rsa/keys/mariadb.wisoserver.com.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 172.16.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
log-append openvpn.log
verb 3
explicit-exit-notify 1
Code: Alles auswählen
echo 1 > /proc/sys/net/ipv4/ip_forward
vi /etc/sysctl.conf
=> net.ipv4.ip.forward=1
sysctl -p
Code: Alles auswählen
systemctl start openvpn
Code: Alles auswählen
ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 52:54:00:34:54:7e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.6/24 brd 192.168.1.255 scope global ens3
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe34:547e/64 scope link
valid_lft forever preferred_lft forever
Grüße
Andre