openvpn

1. Client Confg:
2.  
3. client
4. remote x.x.x.x 1194
5. ;remote my-server-2 1194
6. proto udp
7. dev tun
8. ;remote-random
9. resolv-retry infinite
10. nobind
11. user nobody
12. group nogroup
13. persist-key
14. persist-tun
15. ;http-proxy-retry # retry on connection failures
16. ;http-proxy [proxy server] [proxy port #]
17. ;mute-replay-warnings
18. ;ca ca.crt
19. ;cert client.crt
20. ;key client.key
21. ;tls-crypt ta.key
22. remote-cert-tls server
23. cipher AES-256-GCM
24. auth SHA512
25. ;comp-lzo
26. verb 3
27. ;mute 20
28.  
29. ------------------------------
30. Server Confg:
31.  
32. ;local a.b.c.d
33. port 1194
34. ;proto tcp
35. proto udp
36. ;dev tap
37. dev tun
38. ;dev-node MyTap
39. ca ca.crt
40. cert openvpn-server.crt
41. key openvpn-server.key # Mantener secreto este fichero
42. ;dh dh2048.pem
43. dh none
44. topology subnet
45. server 10.8.0.0 255.255.255.0
46. ifconfig-pool-persist /var/log/openvpn/ipp.txt
47. ;server-bridge 10.8.0.1 255.255.255.0 10.8.0.0 10.8.0.100
48. ;server-bridge
49. ;push "route x.x.x.x 255.255.255.0"
50. ;push "route x.x.x.x 255.255.255.0"
51. ;client-config-dir ccd
52. ;route x.x.x.x 255.255.255.248
53. ;client-config-dir ccd
54. ;route 10.9.0.0 255.255.255.252
55. ;learn-address ./script
56. push "redirect-gateway def1 bypass-dhcp"
57. push "dhcp-option DNS 8.8.8.8"
58. push "dhcp-option DNS 8.8.4.4"
59. client-to-client
60. ;duplicate-cn
61. keepalive 10 120
62. ;tls-auth ta.key 0 # This file is secret
63. tls-crypt ta.key
64. ;cipher AES-256-CBC
65. cipher AES-256-GCM
66. auth SHA512
67. ;compress lz4-v2
68. ;push "compress lz4-v2"
69. ;comp-lzo
70. max-clients 10
71. user nobody
72. group nogroup
73. persist-key
74. persist-tun
75. status /var/log/openvpn/openvpn-status.log
76. ;log /var/log/openvpn/openvpn.log
77. ;log-append /var/log/openvpn/openvpn.log
78. verb 3
79. ;mute 20
80. explicit-exit-notify 1
81.