proto udp. dev tun0. push "route 192.168.X.0 255.255.255.0" push "dhcp-option DNS 192.168.X.1" keepalive 10 120. daemon. verb 5. How can I get an IP Address and DNS allocated to my Tunnelblick client from the DD-WRT OpenVPN server and not from the remote ISP? Re: Problem allocating DD-WRT OpenVPN server's DNS and IP Address to Tunnelblick client : Tunnelblick developer: 10/14/18 3:10 AM: …
Tunnel UDP MSS-Fix: Whether to limit the TCP MSS values to fit the tunnel MTU. Select Disable unless instructed by our support staff. nsCertType verification: Checks to see if the remote server is using a valid type of certificate meant for OpenVPN connections. Set Tunnel UDP MSS-fix to Enable It should look exactly as below: The Additional config box should contain the config lines: persist-key persist-tun sndbuf 393216 rcvbuf 393216. Visit the following page here and paste the TLS-AUTH Key into the TLS-AUTH Key box, copy the OpenVPN CA into the CA Cert box. See below as to how it should look. Tunnel UDP-MSS-Fix: Enable; Leave other options as default . Step #5: Scroll down and in Additional Config box, enter following lines: persist-key persist-tun . Step #6: Scroll down to TLS Auth Key box. Download the certificate text file from here. Open it and copy the text between
Tunnel MTU setting: 1500. Tunnel UDP Fragment: Leave blank. Tunnel UDP MSS-Fix: Disabled, unless you need it. nsCertType verification: Checked. TLS Auth Key: Paste contents of ta.key from the .zip you downloaded in Step 1. You should open it via a text editor. Additional Config: Copy/paste from below: reneg-sec 432000 resolv-retry infinite
Tunnel UDP MSS-Fix: Disabled(必要ない限りこの設定にします) nsCertType verification: チェックを入れます TLS Auth Key: ステップ1でダウンロードした.zipファイル内からta.keyをテキストエディタで開き、内容を貼り付けてください。 Tunnel UDP MSS-Fix: Enabled In the Additional Config box, paste the following: client remote-cert-tls server ping 15 ping-restart 60 resolv-retry infinite nobind explicit-exit-notify 3 comp-lzo yes verb 2 route-gateway dhcp redirect-gateway def1 Tunnel MTU Einstellung: 1500. Tunnel UDP Fragment: Leer lassen. Tunnel UDP MSS-Fix: Deaktivieren, außer Sie benötigen es. nsCertType verifikation: Geprüft. TLS Auth-Schlüssel: Fügen Sie den Inhalt von ta.key aus der .zip ein, die Sie in Schritt 1 heruntergeladen haben. Sie sollten sie über einen Texteditor öffnen.
Tunnel MTU Setting: 1500 Tunnel UDP Fragment: 1450 Tunnel UDP MSS-Fix: Enable Verify Server Cert.: Checked; Scroll down a bit to the “Additional Config” field and enter the following: persist-key persist-tun fragment 1300 mssfix 1450 keysize 256; You should still have the configuration file open in a text editor.
Tunnel UDP Fragment: blank. Tunnel UDP MSS-Fix: Disable. Next we're going to need to start opening some of those files you generated above using Easy RSA. In all cases, you're going to get a block of non-sense stuff, surrounded by -----BEGIN blahblahblah- Set “Tunnel UDP-MSS-Fix”: Enable; Now scroll down and enter the following text in Additional Config box: persist-key; persist-tun; Go to the TSL Auth Key. Download the certificate data and TSL key file from here. Open it and then copy all the text be Tunnel Protocol: TCP: Encryption Cipher: AES-256-CBC: Hash Algorithm: SHA256: Advanced Options: Enable: TLS Cipher: None: LZO Compression: Yes: Redirect default Gateway: Disable: Allow Client to Client: Disable: Allow duplicate cn: Disable: Tunnel MTU setting: 1400: Tunnel UDP Fragment-Tunnel UDP MSS-Fix: Disable: CCD-Dir DEFAULT file-Static