padahuy

1. server.conf
2.  
3.  
4.  
5. # Custom user conf file for OpenVPN server
6. # Please add needed params only!
7.  
8. ### Authenticate packets with HMAC using message digest algorithm
9. ;auth SHA1 # SHA1 160 bit (default)
10. auth SHA256 # SHA256 256 bit
11. ;auth SHA512 # SHA512 512 bit
12.  
13. ### Encrypt packets with cipher algorithm
14. ;cipher BF-CBC # Blowfish 128 bit (default)
15. cipher AES-128-CBC # AES 128 bit
16. ;cipher AES-256-CBC # AES 256 bit
17. ;cipher DES-EDE3-CBC # Triple-DES 192 bit
18. ;cipher none # No encryption
19.  
20. ### Enable LZO compression on the VPN link
21. comp-lzo
22.  
23. ### Max clients limit
24. max-clients 10
25.  
26. ### Internally route client-to-client traffic
27. ;client-to-client
28.  
29. ### Allow clients with duplicate "Common Name"
30. ;duplicate-cn
31.  
32. ### Keepalive and timeout
33. keepalive 10 60
34.  
35. ### Process priority level (0..19)
36. ;nice 3
37.  
38. ### Syslog verbose level
39. verb 4
40. mute 20
41.  
42. ==============================
43.  
44. OVPN file
45. все что ниже вставить в client.ovpn
46. ==============================
47.  
48. client
49.  
50.  
51. dev tap
52. #dev tun
53.  
54. # Windows needs the TAP-Win32 adapter name
55. # from the Network Connections panel
56. # if you have more than one. On XP SP2,
57. # you may need to disable the firewall
58. # for the TAP adapter.
59. # dev-node TAP
60.  
61. # Are we connecting to a TCP or
62. # UDP server? Use the same setting as
63. # on the server.
64. proto tcp
65. ;proto udp
66.  
67. # The hostname/IP and port of the server.
68. # You can have multiple remote entries
69. # to load balance between the servers.
70. remote X.X.X.X 1194
71. #;remote my-server-2 1194
72.  
73. # Choose a random host from the remote
74. # list for load-balancing. Otherwise
75. # try hosts in the order specified.
76. ;remote-random
77.  
78. # Keep trying indefinitely to resolve the
79. # host name of the OpenVPN server. Very useful
80. # on machines which are not permanently connected
81. # to the internet such as laptops.
82. resolv-retry infinite
83.  
84. # Most clients don't need to bind to
85. # a specific local port number.
86. nobind
87.  
88. # Downgrade privileges after initialization (non-Windows only)
89. ;user nobody
90. ;group nobody
91.  
92. # Try to preserve some state across restarts.
93. persist-key
94. persist-tun
95.  
96. # Wireless networks often produce a lot
97. # of duplicate packets. Set this flag
98. # to silence duplicate packet warnings.
99. ;mute-replay-warnings
100.  
101. auth SHA256
102. remote-cert-tls server
103. cipher AES-128-CBC
104. comp-lzo
105. verb 3
106. mute 20
107.  
108. key-direction 1
109.  
110. #### сюда (между <ca> и </ca>) вставляешь содержимое файла ca.crt ####
111. <ca>
112.  
113. </ca>
114.  
115. ##### сюда (между <cert> и </cert>) вставляешь содержимое client.crt ####
116. <cert>
117.  
118. </cert>
119.  
120. #### сюда (между <key> и </key>) содержимое client.key ####
121. <key>
122.  
123. </key>
124.  
125. #### сюда (между <tls-auth> и </tls-auth>) ta.key ####
126.  
127. <tls-auth>
128.  
129. </tls-auth>