Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Client Confg:
- client
- remote x.x.x.x 1194
- ;remote my-server-2 1194
- proto udp
- dev tun
- ;remote-random
- resolv-retry infinite
- nobind
- user nobody
- group nogroup
- persist-key
- persist-tun
- ;http-proxy-retry # retry on connection failures
- ;http-proxy [proxy server] [proxy port #]
- ;mute-replay-warnings
- ;ca ca.crt
- ;cert client.crt
- ;key client.key
- ;tls-crypt ta.key
- remote-cert-tls server
- cipher AES-256-GCM
- auth SHA512
- ;comp-lzo
- verb 3
- ;mute 20
- ------------------------------
- Server Confg:
- ;local a.b.c.d
- port 1194
- ;proto tcp
- proto udp
- ;dev tap
- dev tun
- ;dev-node MyTap
- ca ca.crt
- cert openvpn-server.crt
- key openvpn-server.key # Mantener secreto este fichero
- ;dh dh2048.pem
- dh none
- topology subnet
- server 10.8.0.0 255.255.255.0
- ifconfig-pool-persist /var/log/openvpn/ipp.txt
- ;server-bridge 10.8.0.1 255.255.255.0 10.8.0.0 10.8.0.100
- ;server-bridge
- ;push "route x.x.x.x 255.255.255.0"
- ;push "route x.x.x.x 255.255.255.0"
- ;client-config-dir ccd
- ;route x.x.x.x 255.255.255.248
- ;client-config-dir ccd
- ;route 10.9.0.0 255.255.255.252
- ;learn-address ./script
- push "redirect-gateway def1 bypass-dhcp"
- push "dhcp-option DNS 8.8.8.8"
- push "dhcp-option DNS 8.8.4.4"
- client-to-client
- ;duplicate-cn
- keepalive 10 120
- ;tls-auth ta.key 0 # This file is secret
- tls-crypt ta.key
- ;cipher AES-256-CBC
- cipher AES-256-GCM
- auth SHA512
- ;compress lz4-v2
- ;push "compress lz4-v2"
- ;comp-lzo
- max-clients 10
- user nobody
- group nogroup
- persist-key
- persist-tun
- status /var/log/openvpn/openvpn-status.log
- ;log /var/log/openvpn/openvpn.log
- ;log-append /var/log/openvpn/openvpn.log
- verb 3
- ;mute 20
- explicit-exit-notify 1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement