Topnetworks-FAQ

Ja, aber nur nach Rücksprache mit unserem Support. Auf ihrem V-Server muss nämlich erst ein tap-Device eingerichtet werden.

Hier ein Beispiel wie die "server.conf" aussehen könnte:

# port and interface specs

# behave like a ssl-webserver

port 443

proto tcp-server

# tap device? (keep in mind you need /dev/net/tun !)

dev tap0

# now the ips we will use for the tunnel

ifconfig 10.10.10.100 255.255.255.254

ifconfig-noexec

# the server part

# Keep VPN connections, even if the client IP changes

float

# use compression (may also even obfuscate content filters)

comp-lzo

# use a static key - create it with 'openvpn --genkey --secret static.key'

secret static.key

# dont reload the key after a SIGUSR1

persist-key

# check alive all 10 secs

keepalive 10 60

# verbosity level (from 1 to 9, 9 is max log level)

verb 4

status openvpn-status.log

Hier ein Beispiel wie die "client.conf" aussehen könnte:

# port and interface specs

# the following is not necessary, if you bring up openvpn via Debian's init script:

daemon ovpn-my-clients-name

# behave like a ssl-webserver

port 443

proto tcp-client

remote %%%<insert-the-guest-primary-public-ip-here>%%%%

# what device tun ot tap?

dev tap

# now the ips we will use for the tunnel

ifconfig 10.10.10.101 255.255.255.254

# Keep VPN connections, even if the client IP changes

float

mssfix

# use compression (may also even obfuscate content filters)

comp-lzo

# use a static key

secret static.key

# dont reload the key after a SIGUSR1

persist-key

# check alive all 10 secs

keepalive 10 60

# verbosity level (from 1 to 9, 9 is max log level)

verb 4

# set the default route

route-gateway 10.10.10.100

redirect-gateway def1

# to add special routes you can do it wihtin the openvpn client conf:

# route <dest> <mask> <gateway>

# if you need to connect via proxy (like squid)

# http-proxy s p [up] [auth] : Connect to remote host through an HTTP proxy at

#                  address s and port p.  If proxy authentication is required,

#                  up is a file containing username/password on 2 lines, or

#                  'stdin' to prompt from console.  Add auth='ntlm' if

#                  the proxy requires NTLM authentication.

# http-proxy s p [up] [auth]

# http-proxy-option type [parm] : Set extended HTTP proxy options.

#                                  Repeat to set multiple options.

#                  VERSION version (default=1.0)

#                  AGENT user-agent

# http-proxy-option type [parm]

Heinweis: Bitte verwenden Sie OpenVPN in Version 2.0.9 oder aktueller.