Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Debian VM
- ***************************************
- local <MyIP>
- port 993
- proto tcp
- dev tun
- ca key_ok/ca.crt
- cert key_ok/xx.crt
- key key_ok/xx.key # This file should be kept secret
- dh key_ok/dh1024.pem
- server 10.8.0.0 255.255.255.0
- ifconfig-pool-persist ipp.txt
- push "dhcp-option DNS 8.8.8.8"
- push "redirect-gateway def1"
- push "register-dns"
- push "redirect-gateway def1 bypass-dhcp"
- client-to-client
- keepalive 10 120
- comp-lzo
- user nobody
- group nogroup
- persist-key
- persist-tun
- status openvpn-status.log
- verb 3
- crl-verify key_ok/crl.pem
- ***************************************
- pfSense openVPN configuration
- ***************************************
- dev ovpns3
- verb 1
- dev-type tun
- dev-node /dev/tun3
- writepid /var/run/openvpn_server3.pid
- script-security 3
- daemon
- keepalive 10 60
- ping-timer-rem
- persist-tun
- persist-key
- proto tcp-server
- cipher AES-128-CBC
- auth SHA1
- up /usr/local/sbin/ovpn-linkup
- down /usr/local/sbin/ovpn-linkdown
- client-connect /usr/local/sbin/openvpn.attributes.sh
- client-disconnect /usr/local/sbin/openvpn.attributes.sh
- local <MyIP>
- tls-server
- server 10.7.0.0 255.255.255.0
- client-config-dir /var/etc/openvpn-csc/server3
- username-as-common-name
- auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user <SECRET> false server3 993" via-env
- tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'Jarvis-ovpn' 1"
- lport 993
- management /var/etc/openvpn/server3.sock unix
- push "route 10.0.0.0 255.255.255.0"
- push "dhcp-option DNS 8.8.8.8"
- push "dhcp-option DNS 8.8.4.4"
- push "register-dns"
- client-to-client
- ca /var/etc/openvpn/server3.ca
- cert /var/etc/openvpn/server3.cert
- key /var/etc/openvpn/server3.key
- dh /etc/dh-parameters.4096
- crl-verify /var/etc/openvpn/server3.crl-verify
- tls-auth /var/etc/openvpn/server3.tls-auth 0
- comp-lzo no
- persist-remote-ip
- float
- topology subnet
- push "route 10.7.0.0 255.255.255.0"
- ***************************************
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement