Update openvpn server config

This commit is contained in:
Jan Philipp Timme 2018-09-21 19:59:27 +02:00
parent 57224747c0
commit c1dd674319
1 changed files with 26 additions and 3 deletions

View File

@ -47,13 +47,37 @@ server-ipv6 2001:638:614:1750::/64
push "route remote_host 255.255.255.255 net_gateway" push "route remote_host 255.255.255.255 net_gateway"
# Push routes for local IPv4 networks # Push routes for local IPv4 networks
# DMZ
push "route 141.71.38.0 255.255.255.0 vpn_gateway"
# Inform
push "route 141.71.30.0 255.255.254.0 vpn_gateway" push "route 141.71.30.0 255.255.254.0 vpn_gateway"
# Edu
push "route 192.168.99.0 255.255.255.0 vpn_gateway" push "route 192.168.99.0 255.255.255.0 vpn_gateway"
# NAO
push "route 192.168.90.0 255.255.255.0 vpn_gateway"
# iDrac
push "route 192.168.70.0 255.255.255.0 vpn_gateway"
# Cluster
push "route 10.0.20.0 255.255.255.0 vpn_gateway"
# educloud
push "route 10.0.30.0 255.255.255.0 vpn_gateway"
# experimental ipv6 network
push "route 10.0.40.0 255.255.255.0 vpn_gateway"
# server network from H-IT for KMS
push "route 141.71.2.0 255.255.255.0 vpn_gateway"
# Push routes for local IPv6 networks # Push routes for local IPv6 networks
# (The vpn_gateway placeholder does not work here.) # (The vpn_gateway placeholder does not work here.)
# DMZ
push "route-ipv6 2001:638:614:1780::/64 2001:638:614:1750::1"
# Inform
push "route-ipv6 2001:638:614:1720::/64 2001:638:614:1750::1" push "route-ipv6 2001:638:614:1720::/64 2001:638:614:1750::1"
# Edu
push "route-ipv6 2001:638:614:1721::/64 2001:638:614:1750::1" push "route-ipv6 2001:638:614:1721::/64 2001:638:614:1750::1"
# NAO
push "route-ipv6 2001:638:614:1722::/64 2001:638:614:1750::1"
# Cluster
push "route-ipv6 2001:638:614:1743::/64 2001:638:614:1750::1"
# Specific settings regarding TLS, chiphers and hash algorithms # Specific settings regarding TLS, chiphers and hash algorithms
cipher AES-256-GCM cipher AES-256-GCM
@ -76,6 +100,5 @@ group nogroup
verb 3 verb 3
mute 5 mute 5
# Have a status log if needed. # Have a status log
# We do not need it. status inform/status.log
# status inform/status.log