Advertisement
Guest User

Untitled

a guest
Mar 11th, 2017
112
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ##############################################
  2. # Sample client-side OpenVPN 2.0 config file #
  3. # for connecting to multi-client server.     #
  4. #                                            #
  5. # This configuration can be used by multiple #
  6. # clients, however each client should have   #
  7. # its own cert and key files.                #
  8. #                                            #
  9. # On Windows, you might want to rename this  #
  10. # file so it has a .ovpn extension           #
  11. ##############################################
  12.  
  13. # Specify that we are a client and that we
  14. # will be pulling certain config file directives
  15. # from the server.
  16. client
  17.  
  18. # Use the same setting as you are using on
  19. # the server.
  20. # On most systems, the VPN will not function
  21. # unless you partially or fully disable
  22. # the firewall for the TUN/TAP interface.
  23. ;dev tap
  24. dev tun
  25.  
  26. # Windows needs the TAP-Win32 adapter name
  27. # from the Network Connections panel
  28. # if you have more than one.  On XP SP2,
  29. # you may need to disable the firewall
  30. # for the TAP adapter.
  31. ;dev-node MyTap
  32.  
  33. # Are we connecting to a TCP or
  34. # UDP server?  Use the same setting as
  35. # on the server.
  36. ;proto tcp
  37. proto udp
  38.  
  39.  
  40. # The hostname/IP and port of the server.
  41. # You can have multiple remote entries
  42. # to load balance between the servers.
  43. remote 192.168.2.5 1194
  44. ;remote my-server-2 1194
  45.  
  46. # Choose a random host from the remote
  47. # list for load-balancing.  Otherwise
  48. # try hosts in the order specified.
  49. ;remote-random
  50.  
  51. # Keep trying indefinitely to resolve the
  52. # host name of the OpenVPN server.  Very useful
  53. # on machines which are not permanently connected
  54. # to the internet such as laptops.
  55. resolv-retry infinite
  56.  
  57. # Most clients don't need to bind to
  58. # a specific local port number.
  59. nobind
  60.  
  61. # Downgrade privileges after initialization (non-Windows only)
  62. user nobody
  63. group nobody
  64.  
  65. # Try to preserve some state across restarts.
  66. persist-key
  67. persist-tun
  68.  
  69. # If you are connecting through an
  70. # HTTP proxy to reach the actual OpenVPN
  71. # server, put the proxy server/IP and
  72. # port number here.  See the man page
  73. # if your proxy server requires
  74. # authentication.
  75. ;http-proxy-retry # retry on connection failures
  76. ;http-proxy [proxy server] [proxy port #]
  77.  
  78. # Wireless networks often produce a lot
  79. # of duplicate packets.  Set this flag
  80. # to silence duplicate packet warnings.
  81. ;mute-replay-warnings
  82.  
  83. # SSL/TLS parms.
  84. # See the server config file for more
  85. # description.  It's best to use
  86. # a separate .crt/.key file pair
  87. # for each client.  A single ca
  88. # file can be used for all clients.
  89. ca /etc/pki/CA/ca.crt
  90. cert /etc/pki/CA/lisboa.crt
  91. key /etc/pki/CA/lisboa.key
  92.  
  93. # Verify server certificate by checking that the
  94. # certicate has the correct key usage set.
  95. # This is an important precaution to protect against
  96. # a potential attack discussed here:
  97. #  http://openvpn.net/howto.html#mitm
  98. #
  99. # To use this feature, you will need to generate
  100. # your server certificates with the keyUsage set to
  101. #   digitalSignature, keyEncipherment
  102. # and the extendedKeyUsage to
  103. #   serverAuth
  104. # EasyRSA can do this for you.
  105. #remote-cert-tls server
  106.  
  107. # If a tls-auth key is used on the server
  108. # then every client must also have the key.
  109. #remote-cert-ku server
  110. #tls-auth ta.key 1
  111.  
  112. # Select a cryptographic cipher.
  113. # If the cipher option is used on the server
  114. # then you must also specify it here.
  115. # Note that 2.4 client/server will automatically
  116. # negotiate AES-256-GCM in TLS mode.
  117. # See also the ncp-cipher option in the manpage
  118. cipher AES-256-CBC
  119.  
  120. # Enable compression on the VPN link.
  121. # Don't enable this unless it is also
  122. # enabled in the server config file.
  123. comp-lzo
  124.  
  125. # Set log file verbosity.
  126. verb 3
  127.  
  128. # Silence repeating messages
  129. ;mute 20
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement