Added openvpn.conf
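--- /dev/null
+++ b/aries/vpn/openvpn.conf
@@ -0,0 +1,44 @@
+# init
+port 10011
+proto udp
+
+# tun = routing. tap = bridging
+dev tun0
+#server-bridge 10.8.0.0 255.255.255.0 10.8.0.1 10.8.0.199
+server 10.80.0.0 255.255.255.0
+keepalive 10 120
+group nobody
+user nobody
+comp-lzo
+#client-to-client
+persist-key
+persist-tun
+#duplicate-cn
+log-append /var/log/openvpn.log
+status /var/log/openvpn_status.log
+status-version 3
+verb 5
+
+# tls items
+ca /usr/local/etc/openvpn/certs/ca-chain.crt
+#crl-verify /usr/local/etc/openvpn/intermediate.crl.pem
+cert /usr/local/etc/openvpn/certs/vpn.secmayl.com.crt.pem
+key /usr/local/etc/openvpn/certs/vpn.secmayl.com.key.pem
+dh /usr/local/etc/openvpn/certs/dh.pem
+
+# tls harden security
+tls-version-min 1.2
+tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
+tls-crypt /usr/local/etc/openvpn/auth.key
+cipher AES-256-CBC
+auth SHA512
+reneg-sec 60
+
+# networking
+ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt
+#route 192.168.0.10 255.255.255.0 10.9.0.1
+push "route 192.168.0.0 255.255.255.0"
+push "dhcp-option DNS 192.168.0.1"
+#push "dhcp-option WINS 192.168.0.1"
+push "dhcp-option DOMAIN secmayl.com"
+#push "dhcp-option SEARCH secmayl.com"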
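Review bot: `comp-lzo` in the init block enables compression inside the encrypted tunnel, which exposes traffic to compression-oracle (VORACLE-style) leakage and is deprecated in current OpenVPN releases; it should be dropped here and in the client profiles together, since the setting has to match on both ends. In the tls block `crl-verify` is commented out, so a client certificate revoked at the CA is still accepted until it expires; enabling `crl-verify /usr/local/etc/openvpn/intermediate.crl.pem` once the CRL is published closes that gap. `reneg-sec 60` forces a full TLS renegotiation per client every minute, which looks unintentionally low against the default of 3600. `verb 5` combined with `log-append` writes debug-level output to a file that only grows; `verb 3` is the usual production level.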