Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ERL:
- openvpn vtun0 {
- encryption aes128
- mode server
- openvpn-option --tls-server
- openvpn-option "--proto udp"
- openvpn-option "--port 1194"
- openvpn-option "--tun-mtu 1500"
- openvpn-option --persist-key
- openvpn-option --persist-tun
- openvpn-option --persist-local-ip
- openvpn-option --persist-remote-ip
- openvpn-option "--keepalive 8 30"
- openvpn-option --duplicate-cn
- openvpn-option "--plugin /usr/lib/openvpn/openvpn-auth-pam.so login"
- openvpn-option "--client-cert-not-required --username-as-common-name"
- openvpn-option "--verb 1"
- openvpn-option --client-to-client
- openvpn-option "--push route 192.168.1.0 255.255.255.192"
- openvpn-option "--push dhcp-option DNS 192.168.1.1"
- openvpn-option "--fragment 0"
- openvpn-option "--mssfix 0"
- openvpn-option "--push redirect-gateway def1"
- server {
- subnet 192.168.2.0/26
- topology subnet
- }
- tls {
- dh-file /config/auth/openvpn/keys/dh2048.pem
- ca-cert-file /config/auth/openvpn/keys/ca.crt
- cert-file /config/auth/openvpn/keys/gateway.MyDomain.com.crt
- key-file /config/auth/openvpn/keys/gateway.MyDomain.com.key
- }
- CLIENT:
- client
- float
- dev tun
- proto udp
- remote WAN-IP 1194
- resolv-retry infinite
- persist-key
- persist-tun
- keepalive 15 60
- auth-user-pass
- ns-cert-type server
- cipher AES-128-CBC
- nobind
- auth-nocache
- tun-mtu 1500
- fragment 0
- mssfix 0
- <ca>
- -----BEGIN CERTIFICATE-----
- KEY
- -----END CERTIFICATE-----
- </ca>
- <cert>
- -----BEGIN CERTIFICATE-----
- KEY
- -----END CERTIFICATE-----
- </cert>
- <key>
- -----BEGIN PRIVATE KEY-----
- KEY
- -----END PRIVATE KEY-----
- </key>
Advertisement
Add Comment
Please, Sign In to add comment
