Hello,
I have a Linux box with one NIC and installed an OpenVPN server on it. My OpenVPN server configuration is as follows:
Code:
port 1194
proto udp
dev tun0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 10.8.0.0 255.255.255.0
push "route 172.20.1.0 255.255.0.0"
push "dhcp-option DNS 172.20.1.2"
push "redirect-gateway autolocal"
keepalive 10 120
tls-auth ta.key 0
data-ciphers AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1
My client configuration is:
Code:
dev tun
proto udp
remote 192.168.1.20 1194
route add 172.20.1.0 255.255.0.0
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
tls-auth ta.key 1
data-ciphers AES-256-CBC
verb 3
And my iptables rules are:
Code:
# IF_MAIN=enp0s3
# IF_TUNNEL=tun0
# YOUR_OPENVPN_SUBNET=10.8.0.0/16
# iptables -I INPUT -p udp --dport 1194 -j ACCEPT
# iptables -A FORWARD -i $IF_MAIN -o $IF_TUNNEL -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j ACCEPT
# iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j MASQUERADE
I want to turn this server into a public server that I can connect to through the Internet and OpenVPN Connect. If I set a public IP address on the network card and put the public IP address instead of
192.168.1.20 in the client settings, is it enough?
Thank you.
Migrating the OpenVPN server from local to public
