summaryrefslogtreecommitdiffstats
path: root/sample-config-files/server.conf
diff options
context:
space:
mode:
Diffstat (limited to 'sample-config-files/server.conf')
-rw-r--r--sample-config-files/server.conf30
1 files changed, 19 insertions, 11 deletions
diff --git a/sample-config-files/server.conf b/sample-config-files/server.conf
index f80ce8b..f483b6b 100644
--- a/sample-config-files/server.conf
+++ b/sample-config-files/server.conf
@@ -114,6 +114,18 @@ ifconfig-pool-persist ipp.txt
# out unless you are ethernet bridging.
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
+# Configure server mode for ethernet bridging
+# using a DHCP-proxy, where clients talk
+# to the OpenVPN server-side DHCP server
+# to receive their IP address allocation
+# and DNS server addresses. You must first use
+# your OS's bridging capability to bridge the TAP
+# interface with the ethernet NIC interface.
+# Note: this mode only works on clients (such as
+# Windows), where the client-side TAP adapter is
+# bound to a DHCP client.
+;server-bridge
+
# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
@@ -170,22 +182,18 @@ ifconfig-pool-persist ipp.txt
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
-# the TUN/TAP interface to the internet in
-# order for this to work properly).
-# CAVEAT: May break client's network config if
-# client's local DHCP server packets get routed
-# through the tunnel. Solution: make sure
-# client's local DHCP server is reachable via
-# a more specific route than the default route
-# of 0.0.0.0/0.0.0.0.
-;push "redirect-gateway"
+# or bridge the TUN/TAP interface to the internet
+# in order for this to work properly).
+;push "redirect-gateway def1 bypass-dhcp"
# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
-;push "dhcp-option DNS 10.8.0.1"
-;push "dhcp-option WINS 10.8.0.1"
+# The addresses below refer to the public
+# DNS servers provided by opendns.com.
+;push "dhcp-option DNS 208.67.222.222"
+;push "dhcp-option DNS 208.67.220.220"
# Uncomment this directive to allow different
# clients to be able to "see" each other.
generated by cgit (git 2.34.1) at 2024-05-05 08:56:36 +0000