emersonicus
Posted January 14, 2019

Hi,

I am trying to get over my CGNAT problem, and people online suggested to VPN tunnel to a server with a public IP. Now, I was able to connect from my pfSense to the Raspberry Pi with PiVPN. How can I make the duckdns validation?

/etc/openvpn/server.conf

    dev tun
    proto udp
    port 1194
    ca /etc/openvpn/easy-rsa/pki/ca.crt
    cert /etc/openvpn/easy-rsa/pki/issued/cert.crt
    key /etc/openvpn/easy-rsa/pki/private/key.key
    dh none
    topology subnet
    server 10.8.0.0 255.255.255.0
    # Set your primary domain name server address for clients
    #site to site vpn
    route 10.0.0.0 255.255.255.0 10.8.0.2
    push "route 192.168.2.0 255.255.255.0"
    client-config-dir /etc/openvpn/client
    #pi-hole
    push "dhcp-option DNS 10.8.0.1"
    #push "dhcp-option DNS 1.1.1.1"
    #push "dhcp-option DNS 9.9.9.9"
    # Prevent DNS leaks on Windows
    push "block-outside-dns"
    # Override the Client default gateway by using 0.0.0.0/1 and
    # 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
    # overriding but not wiping out the original default gateway.
    push "redirect-gateway def1"
    client-to-client
    keepalive 1800 3600
    remote-cert-tls client
    tls-version-min 1.2
    tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
    cipher AES-256-CBC
    auth SHA256
    user nobody
    group nogroup
    persist-key
    persist-tun
    crl-verify /etc/openvpn/crl.pem
    status /var/log/openvpn-status.log 20
    status-version 3
    syslog
    verb 3
    #DuplicateCNs allow access control on a less-granular, per user basis.
    #Remove # if you will manage access by user instead of device.
    #duplicate-cn
    # Generated for use by PiVPN.io

/etc/openvpn/client/vpn1:

    push "route 192.168.2.0 255.255.255.0 10.8.0.1"
    ifconfig-push 10.8.0.2 255.255.255.0
    iroute 10.0.0.0 255.255.255.0

Sometimes I can ping the pfSense from the PiVPN but not vice versa. Should I opt to try an SSH tunnel instead of OpenVPN site-to-site?

If you need more information, just let me know. All suggestions will help!

Thanks.
Edited January 14, 2019 by emersonicus