Ja, aber nur nach Rücksprache mit unserem Support. Auf ihrem V-Server muss nämlich erst ein tap-Device eingerichtet werden.
Hier ein Beispiel wie die "server.conf" aussehen könnte:
# port and interface specs
# behave like a ssl-webserver
port 443
proto tcp-server
# tap device? (keep in mind you need /dev/net/tun !)
dev tap0
# now the ips we will use for the tunnel
ifconfig 10.10.10.100 255.255.255.254
ifconfig-noexec
# the server part
# Keep VPN connections, even if the client IP changes
float
# use compression (may also even obfuscate content filters)
comp-lzo
# use a static key - create it with 'openvpn --genkey --secret static.key'
secret static.key
# dont reload the key after a SIGUSR1
persist-key
# check alive all 10 secs
keepalive 10 60
# verbosity level (from 1 to 9, 9 is max log level)
verb 4
status openvpn-status.log
Hier ein Beispiel wie die "client.conf" aussehen könnte:
# port and interface specs
# the following is not necessary, if you bring up openvpn via Debian's init script:
daemon ovpn-my-clients-name
# behave like a ssl-webserver
port 443
proto tcp-client
remote %%%<insert-the-guest-primary-public-ip-here>%%%%
# what device tun ot tap?
dev tap
# now the ips we will use for the tunnel
ifconfig 10.10.10.101 255.255.255.254
# Keep VPN connections, even if the client IP changes
float
mssfix
# use compression (may also even obfuscate content filters)
comp-lzo
# use a static key
secret static.key
# dont reload the key after a SIGUSR1
persist-key
# check alive all 10 secs
keepalive 10 60
# verbosity level (from 1 to 9, 9 is max log level)
verb 4
# set the default route
route-gateway 10.10.10.100
redirect-gateway def1
# to add special routes you can do it wihtin the openvpn client conf:
# route <dest> <mask> <gateway>
# if you need to connect via proxy (like squid)
# http-proxy s p [up] [auth] : Connect to remote host through an HTTP proxy at
# address s and port p. If proxy authentication is required,
# up is a file containing username/password on 2 lines, or
# 'stdin' to prompt from console. Add auth='ntlm' if
# the proxy requires NTLM authentication.
# http-proxy s p [up] [auth]
# http-proxy-option type [parm] : Set extended HTTP proxy options.
# Repeat to set multiple options.
# VERSION version (default=1.0)
# AGENT user-agent
# http-proxy-option type [parm]
Heinweis: Bitte verwenden Sie OpenVPN in Version 2.0.9 oder aktueller.