We now have an OpenVPN server set up in our group.
We've provided the PAM entries we created to our employees.
Using verb 3 we manage to store who logs in using which IP address.
We want to store which host a user is browsing. We know that we won't see anything behind HTTPS, which is why we just want to store the host, for example fb.com:443.
Below is our current server.conf file:
port 1194
proto tcp
link-mtu 1500
dev tun
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key
dh easy-rsa/keys/dh2048.pem
cipher AES-128-CBC
auth SHA1
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
#push "dhcp-option SEARCH rancher.inner"
push "route 10.42.0.0 255.255.0.0"
keepalive 10 120
comp-lzo
persist-key
persist-tun
username-as-common-name
verb 3
status /etc/openvpn/log/openvpn-status.log
log-append /etc/openvpn/log/openvpn.log
client-cert-not-required
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so openvpn
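
The "who logs in using which IP address" mapping can also be read from the openvpn-status.log file named in the config above, which is the join key needed to attribute any 10.8.0.x traffic record to a user. The following is an added example, not part of the original post: it assumes OpenVPN's default (version 1) status layout, the sample data is constructed, and the function names are hypothetical.

```python
import csv
import io

# Constructed sample in OpenVPN's default (version 1) status-file layout.
SAMPLE_STATUS = """\
OpenVPN CLIENT LIST
Updated,Mon Jan  6 10:15:00 2020
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
alice,203.0.113.5:51234,48211,90314,Mon Jan  6 09:02:11 2020
bob,198.51.100.23:40022,1200,3400,Mon Jan  6 10:01:45 2020
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.6,alice,203.0.113.5:51234,Mon Jan  6 10:14:58 2020
10.8.0.10,bob,198.51.100.23:40022,Mon Jan  6 10:14:40 2020
GLOBAL STATS
Max bcast/mcast queue length,0
END
"""

SECTIONS = ("OpenVPN CLIENT LIST", "ROUTING TABLE", "GLOBAL STATS", "END")
HEADERS = ("Updated", "Common Name", "Virtual Address")


def parse_status(text):
    """Return {tunnel_ip: {"user", "real_ip", "connected_since"}}."""
    section = None
    connected = {}  # (user, real address) -> connected-since timestamp
    sessions = {}
    for row in csv.reader(io.StringIO(text)):
        if not row or row[0] in HEADERS:
            continue  # blank line or column-header row
        if row[0] in SECTIONS:
            section = row[0]
        elif section == "OpenVPN CLIENT LIST" and len(row) == 5:
            connected[(row[0], row[1])] = row[4]
        elif section == "ROUTING TABLE" and len(row) == 4:
            virt, user, real, _last_ref = row
            # With username-as-common-name, "Common Name" is the PAM user.
            sessions[virt] = {
                "user": user,
                "real_ip": real.rsplit(":", 1)[0],  # drop the source port
                "connected_since": connected.get((user, real)),
            }
    return sessions


def user_for_tunnel_ip(sessions, tunnel_ip):
    """Attribute a 10.8.0.x source address to the logged-in user, or None."""
    entry = sessions.get(tunnel_ip)
    return entry["user"] if entry else None
```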