Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- CLIENT_CONFIG='##### Role #####
- tls-client
- pull
- ##### System #####
- daemon
- dev-type tun
- dev tun0
- persist-key
- persist-tun
- ##### Networking #####
- nobind
- resolv-retry infinite
- proto tcp-client
- remote ТУТ_IP_СЕРВЕРА 1194
- inactive 0
- ping 5
- ping-restart 30
- comp-lzo adaptive
- route 192.168.1.0 255.255.255.0 192.168.2.1
- ##### Cryptography #####
- ca ca.crt
- cert client.crt
- key client.key
- tls-auth ta.key 1
- auth SHA256
- cipher AES-256-CBC
- tls-cipher TLS-RSA-WITH-RC4-128-MD5
- reneg-sec 3600
- ##### Logging #####
- log /var/log/openvpn.log
- verb 1
- status-version 3
- '
- #### CERT ####
- CA_CRT='-----BEGIN CERTIFICATE-----
- MIIDRDCCAiygAwIBAgIJAJ2/SE4qkYvEMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV...
- -----END CERTIFICATE-----'
- CLIENT_CRT='-----BEGIN CERTIFICATE-----
- MIIDUDCCAjigAwIBAgIQKou8oLGqUyUNPp4EYLjiXzANBgkqhkiG9w0BAQsFADAb...
- -----END CERTIFICATE-----'
- CLIENT_KEY='-----BEGIN PRIVATE KEY-----
- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDJGm/tCsvGtPae...
- -----END PRIVATE KEY-----'
- TLS_KEY='-----BEGIN OpenVPN Static key V1-----
- e36abdfc3bc08aa42a626fa917f24c6b...
- -----END OpenVPN Static key V1-----'
- if [ "$OPVPNENABLE" != 0 ]
- then
- nvram set openvpncl_enable=0
- nvram commit
- fi
- sleep 5
- mkdir /tmp/openvpn; cd /tmp/openvpn
- echo "$CA_CRT" > ca.crt
- echo "$CLIENT_CRT" > client.crt
- echo "$CLIENT_KEY" > client.key
- echo "$TLS_KEY" > ta.key
- echo "$CLIENT_CONFIG" > openvpn.conf
- chmod 644 ca.crt client.crt
- chmod 600 client.key
- chmod 644 ta.key
- chmod 644 openvpn.conf
- sleep 5
- killall openvpn
- openvpn --config /tmp/openvpn/openvpn.conf&
- ifconfig | grep tun
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement