\/\/ client \/\/<\/p>\n
client
\ndev tun
\nproto udp
\nremote IP\u00a0 1194
\nnobind
\npersist-key
\npersist-tun
\ncomp-lzo
\nlog-append openvpn-log
\nverb 3
\nmute 10<\/p><\/blockquote>\n\/\/ Server \/\/<\/p>\n
proto udp
\ndev tun
\nport 1194
\nserver 10.100.200.0 255.255.255.0
\npush “route 192.168.3.0 255.255.255.0”
\nclient-config-dir ccd
\nclient-to-client
\nifconfig-pool-persist ipp.txt
\nkeepalive 10 120
\ncomp-lzo
\npersist-key
\npersist-tun
\nstatus openvpn-status.log 20
\nlog-append openvpn-log
\nverb 3
\nmute 1<\/p><\/blockquote>\n\/\/ Iptables \/\/<\/p>\n
*filter
\n:INPUT ACCEPT [9976:1352302]
\n:FORWARD ACCEPT [7:364]
\n:OUTPUT ACCEPT [19184:1814693]
\n-A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
\n-A INPUT -p icmp -j ACCEPT
\n-A INPUT -i lo -j ACCEPT
\n-A INPUT -i tun0 -j ACCEPT
\n-A INPUT -s 10.100.200.0\/24 -p tcp -m tcp –dport 22 -j ACCEPT
\n-A INPUT -p tcp -m tcp –dport 8086 -j ACCEPT
\n-A INPUT -s xxx.xxx.xxx.xxx\/32 -p tcp -m tcp –dport 3128 -j ACCEPT
\n-A INPUT -m state –state NEW -j LOG –log-prefix “INPUT: ”
\n-A FORWARD -i tun0 -j ACCEPT
\n-A FORWARD -s 10.100.200.0\/24 -d 192.168.x.0\/24 -i tun0 -j ACCEPT
\n-A FORWARD -i eth0 -o tun0 -m state –state RELATED,ESTABLISHED -j ACCEPT
\n-A FORWARD -i tun0 -o eth0 -j ACCEPT
\n-A OUTPUT -p udp -m udp –dport 123 -j ACCEPT
\n-A OUTPUT -o tun+ -j ACCEPT
\nCOMMIT
\n# Completed on Thu Dec 29 13:16:58 2016
\n# Generated by iptables-save v1.4.21 on Thu Dec 29 13:16:58 2016
\n*nat
\n:PREROUTING ACCEPT [7:588]
\n:INPUT ACCEPT [0:0]
\n:OUTPUT ACCEPT [0:0]
\n:POSTROUTING ACCEPT [0:0]
\n-A POSTROUTING -o eth0 -j MASQUERADE
\nCOMMIT<\/p><\/blockquote>\n\/\/ sysctl.conf \/\/<\/p>\n
net.ipv6.conf.all.disable_ipv6 = 1
\nnet.ipv6.conf.default.disable_ipv6 = 1
\nnet.ipv4.ip_forward=1<\/p><\/blockquote>\n<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
\/\/ client \/\/ client dev tun proto udp remote IP\u00a0 1194 nobind persist-key persist-tun comp-lzo log-append openvpn-log verb 3 mute 10 \/\/ Server \/\/ proto udp dev tun port 1194 server 10.100.200.0 255.255.255.0 push “route 192.168.3.0 255.255.255.0” client-config-dir ccd client-to-client ifconfig-pool-persist ipp.txt keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log 20 log-append openvpn-log verb 3 …<\/p>\n