Openvpn on Debian: Difference between revisions
Jump to navigation
Jump to search
(Created page with "server example with routing: <pre>port 1194 proto udp dev tun ca server/ca.crt cert server/server.crt key server/server.key # This file should be kept secret dh server/dh20...") |
No edit summary |
||
| Line 4: | Line 4: | ||
proto udp | proto udp | ||
dev tun | dev tun | ||
ca server/ca.crt | ca server/ca.crt | ||
cert server/server.crt | cert server/server.crt | ||
key server/server.key # This file should be kept secret | key server/server.key # This file should be kept secret | ||
dh server/dh2048.pem | dh server/dh2048.pem | ||
server 10.8.0.0 255.255.255.0 | server 10.8.0.0 255.255.255.0 | ||
push "route 192.168.0.0 255.255.255.0" | push "route 192.168.0.0 255.255.255.0" | ||
push "route 192.168.1.0 255.255.255.0" | push "route 192.168.1.0 255.255.255.0" | ||
| Line 21: | Line 15: | ||
push "route 192.168.4.0 255.255.255.0" | push "route 192.168.4.0 255.255.255.0" | ||
push "route 192.168.5.0 255.255.255.0" | push "route 192.168.5.0 255.255.255.0" | ||
push "dhcp-option DNS 8.8.8.8" | |||
push "dhcp-option DNS | |||
ifconfig-pool-persist ipp.txt | ifconfig-pool-persist ipp.txt | ||
keepalive 10 120 | keepalive 10 120 | ||
tls-auth server/ta.key 0 # This file is secret | tls-auth server/ta.key 0 # This file is secret | ||
key-direction 0 | key-direction 0 | ||
cipher AES-256-CBC | cipher AES-256-CBC | ||
auth SHA256 | auth SHA256 | ||
compress lz4-v2 | compress lz4-v2 | ||
push "compress lz4-v2" | push "compress lz4-v2" | ||
max-clients 100 | max-clients 100 | ||
user nobody | user nobody | ||
group nogroup | group nogroup | ||
persist-key | persist-key | ||
persist-tun | persist-tun | ||
status openvpn-status.log | status openvpn-status.log | ||
verb 3 | verb 3 | ||
explicit-exit-notify 1 | explicit-exit-notify 1 | ||
</pre> | </pre> | ||
Revision as of 20:19, 20 March 2018
server example with routing:
port 1194 proto udp dev tun ca server/ca.crt cert server/server.crt key server/server.key # This file should be kept secret dh server/dh2048.pem server 10.8.0.0 255.255.255.0 push "route 192.168.0.0 255.255.255.0" push "route 192.168.1.0 255.255.255.0" push "route 192.168.2.0 255.255.255.0" push "route 192.168.3.0 255.255.255.0" push "route 192.168.4.0 255.255.255.0" push "route 192.168.5.0 255.255.255.0" push "dhcp-option DNS 8.8.8.8" ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth server/ta.key 0 # This file is secret key-direction 0 cipher AES-256-CBC auth SHA256 compress lz4-v2 push "compress lz4-v2" max-clients 100 user nobody group nogroup persist-key persist-tun status openvpn-status.log verb 3 explicit-exit-notify 1