Fixed some parts of VPN.

2026-02-03 14:10:08 +00:00 · 2022-06-15 18:46:08 +01:00 · 2022-06-15 18:46:08 +01:00 · c241651b25
commit c241651b25
parent 251942f76f
4 changed files with 10 additions and 9 deletions
--- a/router1.startup
+++ b/router1.startup
@ -15,4 +15,4 @@ ip route add 0.0.0.0/0 via 6.6.6.2
    chmod 0600 router1-server.key ta.key

    # Then start server
-    openvpn --client-config-dir ccd --ccd-exclusive --cipher AES-256-CBC --config server.conf &
+    openvpn server.conf &
--- a/router1/root/server.conf
+++ b/router1/root/server.conf
@ -138,7 +138,7 @@ ifconfig-pool-persist /var/log/openvpn/ipp.txt
 # to know to route the OpenVPN client
 # address pool (10.8.0.0/255.255.255.0)
 # back to the OpenVPN server.
-;push "route 192.168.10.0 255.255.255.0"
+push "route 5.4.3.0 255.255.255.0"
 ;push "route 192.168.20.0 255.255.255.0"

 # To assign specific IP addresses to specific
@ -152,8 +152,9 @@ ifconfig-pool-persist /var/log/openvpn/ipp.txt
 # also has a small subnet behind his connecting
 # machine, such as 192.168.40.128/255.255.255.248.
 # First, uncomment out these lines:
-;client-config-dir ccd
-;route 192.168.40.128 255.255.255.248
+client-config-dir ccd
+ccd-exclusive
+route 5.4.3.0 0.0.0.255
 # Then create a file ccd/Thelonious with this line:
 #   iroute 192.168.40.128 255.255.255.248
 # This will allow Thelonious' private subnet to
@ -189,7 +190,7 @@ ifconfig-pool-persist /var/log/openvpn/ipp.txt
 # (The OpenVPN server machine may need to NAT
 # or bridge the TUN/TAP interface to the internet
 # in order for this to work properly).
-;push "redirect-gateway def1 bypass-dhcp"
+push "redirect-gateway def1"

 # Certain Windows-specific network settings
 # can be pushed to clients, such as DNS
@ -206,7 +207,7 @@ ifconfig-pool-persist /var/log/openvpn/ipp.txt
 # To force clients to only see the server, you
 # will also need to appropriately firewall the
 # server's TUN/TAP interface.
-;client-to-client
+client-to-client

 # Uncomment this directive if multiple clients
 # might connect with the same certificate/key
@ -260,7 +261,7 @@ cipher AES-256-CBC
 # For compression compatible with older clients use comp-lzo
 # If you enable it here, you must also
 # enable it in the client config file.
-;comp-lzo
+comp-lzo

 # The maximum number of concurrently connected
 # clients we want to allow.
--- a/router3.startup
+++ b/router3.startup
@ -41,4 +41,4 @@ ip route add 0.0.0.0/0 via 6.6.6.1
    chmod 0600 router3-client.key ta.key

    # Then start client
-    openvpn --redirect-gateway def1 --cipher AES-256-CBC --config client.conf &
+    openvpn client.conf &
--- a/router3/root/client.conf
+++ b/router3/root/client.conf
@ -118,7 +118,7 @@ cipher AES-256-CBC
 # Enable compression on the VPN link.
 # Don't enable this unless it is also
 # enabled in the server config file.
-#comp-lzo
+comp-lzo

 # Set log file verbosity.
 verb 3