On Sat, Apr 04, 2020 at 06:11:47PM -0600, The Doctor via Openvpn-users wrote:
> And I wonder if Windows is giving me attitude.
>
> When I connect, I can ping numerical IPs but
> won't resolve into Domain names.
>
> Further some of the clients are using the ethernet connection
> and not the VPN.
>
> So here is what I have,
>
> for Server
>
> ------------------------------------------------------------------
>
> local 192.168.81.1
>
> port 1194
>
> proto udp
>
> dev tun
>
> ca /usr/local/etc/openvpn/server/ca.crt
> cert /usr/local/etc/openvpn/server/issued/server.crt
> key /usr/local/etc/openvpn/server/private/server.key
>
> dh /usr/local/etc/openvpn/server/dh.pem
>
> topology subnet
>
> server 10.8.0.0 255.255.0.0
>
> ifconfig-pool-persist ipp.txt
>
> push "redirect-gateway def1"
> push "dhcp-option DNS 8.8.8.8"
> push "dhcp-option DNS 192.168.81.1"
> push "dhcp-option DNS 192.168.81.3"
> push "dhcp-option DOMAIN DOMAIN.CA"
> push "remote-gateway 192.168.81.2"
>
> client-to-client
>
> keepalive 1800 3600
>
> tls-version-min 1.2
> tls-crypt /usr/local/etc/openvpn/server/ta.key # 0 # This file is secret
>
> cipher AES-256-CBC
>
> comp-lzo
> max-clients 1000
>
> user nobody
> group nobody
>
> persist-key
> persist-tun
>
> crl-verify /usr/local/etc/openvpn/easy-rsa/pki/crl.pem
> status /var/log/openvpn-status.log
>
> log-append /var/log/openvpn.log
>
> verb 9
>
> mute 20
>
> explicit-exit-notify 1
> fast-io
> auth SHA512
> remote-cert-tls client
>
> ---------------------------------------------
>
> And my client file looks like
>
> ----------------------------------------------------------------------
>
> client
> dev tun
> proto udp
>
> remote domain.vpn 1194
>
> nobind
>
> ca ca.crt
> cert client.crt
> key client.key
>
> resolv-retry infinite
> redirect-gateway def1
> script-security 2
> dhcp-option DNS 192.168.81.1
> dhcp-option DNS 192.168.81.3
> dhcp-option DNS 8.8.8.8
>
> dhcp-option DOMAIN DOMAIN.CA
>
> persist-key
> persist-tun
> route 0.0.0.0 192.0.0.0 10.8.0.1
> route 64.0.0.0 192.0.0.0 10.8.0.1
> route 128.0.0.0 192.0.0.0 10.8.0.1
> route 192.0.0.0 192.0.0.0 10.8.0.1
> mute-replay-warnings
> auth-user-pass
> remote-cert-tls server
> cipher AES-256-CBC
> auth SHA512
> tls-crypt ta.key
> verb 9
>
> mute 5
>
> -------------------------------------------------------------------------
>
> Still need pointers.
>
Solved it!

I run pf.conf in FreeBSD. That needed some statement to get it to run properly.

Now to figure out clients on Android, iPad, CentOS and some others.

<SNIP>

New challenge, stupid Windows wants ssh and vnc clients to use ethernet connection instead of VNC.

What is needed so that Tera Term, Putty, UltraVNC, TigerVNC and all other clients on Windows are using the tunnel instead of the ethernet?

> > --
> Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
> https://www.empire.kred/ROOTNK?t=94a1f39b Look at Psalms 14 and 53 on Atheism
> Those who cannot win on facts rely upon slander. -unknown
>
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
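
Added example, not part of the original thread: a small longest-prefix-match model of the client routing table built from the four "route ... 192.0.0.0 10.8.0.1" lines and "redirect-gateway def1" in the quoted client config. The ethernet LAN prefix (192.168.81.0/24 in the test), the interface labels and the function names are assumptions made for illustration; the sketch shows that the tunnel routes override the ethernet default route, while a destination on the client's own on-link subnet still leaves via ethernet.

```python
import ipaddress

# The four routes from the quoted client config (network, netmask), gateway 10.8.0.1.
VPN_ROUTES = [("0.0.0.0", "192.0.0.0"), ("64.0.0.0", "192.0.0.0"),
              ("128.0.0.0", "192.0.0.0"), ("192.0.0.0", "192.0.0.0")]


def vpn_networks():
    """Convert the netmask notation used in the config to CIDR networks (/2 each)."""
    return [ipaddress.ip_network(f"{net}/{mask}") for net, mask in VPN_ROUTES]


def vpn_routes_cover_ipv4():
    """True if the four /2 routes together span the whole IPv4 space."""
    collapsed = list(ipaddress.collapse_addresses(vpn_networks()))
    return collapsed == [ipaddress.ip_network("0.0.0.0/0")]


def build_table(lan_cidr):
    """Model routing table as (network, interface) pairs.

    lan_cidr is the client's on-link ethernet subnet (an assumed value,
    the thread does not state it).
    """
    table = [
        (ipaddress.ip_network("0.0.0.0/0"), "ethernet"),  # pre-VPN default route
        (ipaddress.ip_network(lan_cidr), "ethernet"),     # on-link LAN route
        # redirect-gateway def1 installs two /1 routes through the tunnel
        (ipaddress.ip_network("0.0.0.0/1"), "vpn"),
        (ipaddress.ip_network("128.0.0.0/1"), "vpn"),
    ]
    table += [(net, "vpn") for net in vpn_networks()]
    return table


def egress(table, dest):
    """Return the interface of the most specific route that matches dest."""
    ip = ipaddress.ip_address(dest)
    matches = [(net.prefixlen, iface) for net, iface in table if ip in net]
    return max(matches, key=lambda m: m[0])[1]


if __name__ == "__main__":
    table = build_table("192.168.81.0/24")  # constructed LAN prefix
    for dest in ("8.8.8.8", "192.168.81.3"):
        print(dest, "->", egress(table, dest))
```

Comparing this model with the output of "route print" on the Windows client shows which prefixes actually win there.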