# /etc/openvpn/server.conf port 1194 proto udp dev tun0 # Certificados y claves. ca certs/ca.crt cert certs/server.crt key keys/server.key dh keys/dh2048.pem ;tls-verify "/usr/share/openvpn/verify-cn /etc/openvpn/allowed-cns" # Autentificacion con usuario/password verify-client-cert none username-as-common-name tmp-dir "/etc/openvpn/tmp/" plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so /etc/pam.d/login # Configuración de la red del túnel VPN server 10.8.0.0 255.255.255.0 topology subnet ifconfig-pool-persist ipp.txt push "route 192.168.255.0 255.255.255.0 vpn_gateway" push "dhcp-option DNS 1.1.1.1" push "dhcp-option DNS 1.0.0.1" keepalive 10 120 compress lz4 persist-key persist-tun status openvpn-status.log verb 3 cipher AES-128-CBC tls-auth keys/ta.key 0 user nobody group nogroup max-clients 5 ;client-to-client script-security 2 up "/etc/openvpn/bin/masquerade.sh eth0" plugin /usr/lib/openvpn/openvpn-plugin-down-root.so "/etc/openvpn/bin/masquerade.sh eth0"