Вообщем, сервер
dev tun
proto tcp
port 1194
topology subnet
ca "C:\\OpenVPN\\ssl\\ca.crt"
cert "C:\\OpenVPN\\ssl\\OpenVPN_SERVER.crt"
key "C:\\OpenVPN\\ssl\\OpenVPN_SERVER.key"
server 10.168.111.0 255.255.255.0
cipher AES-128-CBC
comp-lzo
mssfix
keepalive 10 120
persist-key
persist-tun
duplicate-cn
push "route 192.168.20.0 255.255.255.0"
verb 3
Клиент
client
dev tun
proto tcp
remote хх.ххх.хх.хх 1194
nobind
persist-key
persist-tun
ca ca.crt
cert Office.crt
key Office.key
verb 0
Автоматом выставить на впн адаптере т.к. после расшаривания ему будет присвоен 192.168.137.1. route-method exe относится к висте, да и то наверно пофиксили в новой версии. tls auth больше к udp годится
Скрытый текст
DoS attacks or port flooding on the OpenVPN UDP port.
Port scanning to determine which server UDP ports are in a listening state.
Buffer overflow vulnerabilities in the SSL/TLS implementation.
SSL/TLS handshake initiations from unauthorized machines (while such handshakes would ultimately fail to authenticate, tls-auth can cut them off at a much earlier point).
