Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- dev tun
- proto tcp
- port 443
- ca /etc/openvpn/easy-rsa/pki/ca.crt
- cert /etc/openvpn/easy-rsa/pki/issued/server_XXX.crt
- key /etc/openvpn/easy-rsa/pki/private/server_XXX.key
- dh /etc/openvpn/easy-rsa/pki/dh2048.pem
- topology subnet
- server 10.8.0.0 255.255.255.0
- # Set your primary domain name server address for clients
- #push "dhcp-option DNS 44.45.46.76"
- #push "dhcp-option DNS 8.8.4.4"
- # Prevent DNS leaks on Windows
- # push "block-outside-dns"
- # Override the Client default gateway by using 0.0.0.0/1 and
- # 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
- # overriding but not wiping out the original default gateway.
- push "redirect-gateway def1"
- client-to-client
- keepalive 10 120
- remote-cert-tls client
- tls-version-min 1.2
- tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
- cipher AES-256-CBC
- auth SHA256
- comp-lzo
- user nobody
- group nogroup
- persist-key
- persist-tun
- crl-verify /etc/openvpn/crl.pem
- status /var/log/openvpn-status.log 20
- status-version 3
- syslog
- verb 3
- #DuplicateCNs allow access control on a less-granular, per user basis.
- #Remove # if you will manage access by user instead of device.
- #duplicate-cn
- # Generated for use by PiVPN.io
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
