{"id":311,"date":"2013-11-19T20:36:11","date_gmt":"2013-11-19T20:36:11","guid":{"rendered":"https:\/\/olkn.myvnc.com\/?p=311"},"modified":"2013-11-19T20:36:11","modified_gmt":"2013-11-19T20:36:11","slug":"openvpn-multihost-config","status":"publish","type":"post","link":"https:\/\/olkn.myvnc.com\/?p=311","title":{"rendered":"OpenVPN Multihost Config"},"content":{"rendered":"<p>Here is my working access to my intranet via OpenVPN in MultiHost Mode. First the server config:<br \/>\n<code><\/code><br \/>\nand now the client config:<br \/>\n<code><br \/>\n##############################################<br \/>\n# Sample client-side OpenVPN 2.0 config file #<br \/>\n##############################################<br \/>\n# Specify that we are a client and that we<br \/>\n# will be pulling certain config file directives<br \/>\n# from the server.<br \/>\nclient<br \/>\n# Use the same setting as you are using on<br \/>\n# the server.<br \/>\ndev tun<br \/>\n# Are we connecting to a TCP or<br \/>\n# UDP server?  Use the same setting as<br \/>\n# on the server.<br \/>\nproto udp<br \/>\n# The hostname\/IP and port of the server.<br \/>\nremote olkn.myvnc.com 1194<br \/>\n# Keep trying indefinitely to resolve the<br \/>\n# host name of the OpenVPN server.  Very useful<br \/>\n# on machines which are not permanently connected<br \/>\n# to the internet such as laptops.<br \/>\nresolv-retry infinite<br \/>\n# Most clients don't need to bind to<br \/>\n# a specific local port number.<br \/>\nnobind<br \/>\n# Downgrade privileges after initialization (non-Windows only)<br \/>\nuser nobody<br \/>\ngroup nogroup<br \/>\n# Try to preserve some state across restarts.<br \/>\npersist-key<br \/>\npersist-tun<br \/>\n# If you are connecting through an<br \/>\n# HTTP proxy to reach the actual OpenVPN<br \/>\n# server, put the proxy server\/IP and<br \/>\n# port number here.  See the man page<br \/>\n# if your proxy server requires<br \/>\n# authentication.<br \/>\n;http-proxy-retry # retry on connection failures<br \/>\n;http-proxy [proxy server] [proxy port #]<br \/>\n# SSL\/TLS parms.<br \/>\nca \/etc\/openvpn\/ca.crt<br \/>\ncert \/etc\/openvpn\/thinkpad.crt<br \/>\nkey \/etc\/openvpn\/thinkpad.key<br \/>\n# Verify server certificate by checking<br \/>\n# that the certicate has the nsCertType<br \/>\n# field set to \"server\".  This is an<br \/>\n# important precaution to protect against<br \/>\n# a potential attack discussed here:<br \/>\n#  http:\/\/openvpn.net\/howto.html#mitm<br \/>\nns-cert-type server<br \/>\n# If a tls-auth key is used on the server<br \/>\n# then every client must also have the key.<br \/>\n;tls-auth ta.key 1<br \/>\n# Enable compression on the VPN link.<br \/>\ncomp-lzo<br \/>\n# Set log file verbosity.<br \/>\nverb 3<br \/>\n<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here is my working access to my intranet via OpenVPN in MultiHost Mode. First the server config: and now the client config: ############################################## # Sample client-side OpenVPN 2.0 config file # ############################################## # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client &hellip; <a href=\"https:\/\/olkn.myvnc.com\/?p=311\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">OpenVPN Multihost Config<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[46,51,79,92,116,117],"class_list":["post-311","post","type-post","status-publish","format-standard","hentry","category-configs","tag-config","tag-debian","tag-linux","tag-openvpn","tag-server","tag-sheeva"],"_links":{"self":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/posts\/311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=311"}],"version-history":[{"count":0,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=\/wp\/v2\/posts\/311\/revisions"}],"wp:attachment":[{"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/olkn.myvnc.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}