We have now an OpenVPN server setup in our group.
we’ve supplied created PAM entry to our employees.
utilizing verb Three we handle to retailer who logs in utilizing which IP handle.
We wish to retailer which host is person looking, we all know the very fact we won’t see something behind https that is why we simply wished to retailer host for instance fb.com:443
under is our present server.conf file
port 1194 proto tcp link-mtu 1500 dev tun ca easy-rsa/keys/ca.crt cert easy-rsa/keys/server.crt key easy-rsa/keys/server.key dh easy-rsa/keys/dh2048.pem cipher AES-128-CBC auth SHA1 server 10.8.0.0 255.255.255.0 push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 18.104.22.168" push "dhcp-option DNS 22.214.171.124" #push "dhcp-option SEARCH rancher.inner" push "route 10.42.0.0 255.255.0.0" keepalive 10 120 comp-lzo persist-key persist-tun username-as-common-name verb 3 standing /and so forth/openvpn/log/openvpn-status.log log-append /and so forth/openvpn/log/openvpn.log client-cert-not-required plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so openvpn