small tweak to make openvpn example server config valid
This commit is contained in:
		
							parent
							
								
									9216683902
								
							
						
					
					
						commit
						3b0a8ebc37
					
				
					 3 changed files with 10 additions and 10 deletions
				
			
		|  | @ -73,7 +73,7 @@ cat << EOF | |||
| # openvpn server config | ||||
| local $vpnserver | ||||
| server $vpnsubnet 255.255.255.0 | ||||
| push redirect-gateway def1 | ||||
| push "redirect-gateway def1" | ||||
| EOF | ||||
| )> $PWD/server.conf | ||||
| 
 | ||||
|  |  | |||
|  | @ -13,13 +13,13 @@ keyname=client1 | |||
| vpnserver="10.0.2.10" | ||||
| 
 | ||||
| # optional next hop for adding a static route to reach the VPN server | ||||
| nexthop="10.0.1.1" | ||||
| #nexthop="10.0.1.1" | ||||
| 
 | ||||
| # --------- END CUSTOMIZATION -------- | ||||
| 
 | ||||
| # validate addresses | ||||
| if [ "$(dpkg -l | grep " sipcalc ")" = "" ]; then | ||||
|     echo "WARNING: ip validation disabled because package sipcalc not installed  | ||||
|     echo "WARNING: ip validation disabled because package sipcalc not installed | ||||
|          " > $PWD/vpnclient.log | ||||
| else | ||||
|     if [ "$(sipcalc "$vpnserver" "$nexthop" | grep ERR)" != "" ]; then | ||||
|  | @ -59,5 +59,5 @@ verb 4 | |||
| daemon | ||||
| EOF | ||||
| ) > client.conf | ||||
|      | ||||
| 
 | ||||
| openvpn --config client.conf | ||||
|  |  | |||
|  | @ -12,7 +12,7 @@ keydir=/etc/core/keys | |||
| # the name used for a "$keyname.crt" certificate and "$keyname.key" private key. | ||||
| keyname=server2 | ||||
| 
 | ||||
| # the VPN subnet address from which the client VPN IP (for the TUN/TAP)  | ||||
| # the VPN subnet address from which the client VPN IP (for the TUN/TAP) | ||||
| # will be allocated | ||||
| vpnsubnet=10.0.200.0 | ||||
| 
 | ||||
|  | @ -22,18 +22,18 @@ vpnserver=10.0.2.10 | |||
| # optional list of private subnets reachable behind this VPN server | ||||
| # each subnet and next hop is separated by a space | ||||
| # "<subnet1>,<nexthop1> <subnet2>,<nexthop2> ..." | ||||
| privatenets="10.0.11.0,10.0.10.1 10.0.12.0,10.0.10.1" | ||||
| #privatenets="10.0.11.0,10.0.10.1 10.0.12.0,10.0.10.1" | ||||
| 
 | ||||
| # optional list of VPN clients, for statically assigning IP addresses to | ||||
| # clients; also, an optional client subnet can be specified for adding static | ||||
| # routes via the client | ||||
| # Note: VPN addresses x.x.x.0-3 are reserved | ||||
| # "<keyname>,<vpnIP>,<subnetIP> <keyname>,<vpnIP>,<subnetIP> ..." | ||||
| vpnclients="client1KeyFilename,10.0.200.5,10.0.0.0 client2KeyFilename,," | ||||
| #vpnclients="client1KeyFilename,10.0.200.5,10.0.0.0 client2KeyFilename,," | ||||
| 
 | ||||
| # NOTE: you may need to enable the StaticRoutes service on nodes within the | ||||
| # private subnet, in order to have routes back to the client. | ||||
| # /sbin/ip ro add <vpnsubnet>/24 via <vpnServerRemoteInterface>  | ||||
| # /sbin/ip ro add <vpnsubnet>/24 via <vpnServerRemoteInterface> | ||||
| # /sbin/ip ro add <vpnClientSubnet>/24 via <vpnServerRemoteInterface> | ||||
| 
 | ||||
| # -------- END CUSTOMIZATION -------- | ||||
|  | @ -60,7 +60,7 @@ else | |||
| $vpnsubnet or $vpnserver " >> $PWD/vpnserver.log | ||||
|     fi | ||||
| fi | ||||
|   | ||||
| 
 | ||||
| # create client vpn ip pool file | ||||
| ( | ||||
| cat << EOF | ||||
|  | @ -73,7 +73,7 @@ cat << EOF | |||
| # openvpn server config | ||||
| local $vpnserver | ||||
| server $vpnsubnet 255.255.255.0 | ||||
| push redirect-gateway def1 | ||||
| push "redirect-gateway def1" | ||||
| EOF | ||||
| )> $PWD/server.conf | ||||
| 
 | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue