37 lines
692 B
Plaintext
37 lines
692 B
Plaintext
|
## BASIC SERVER CONF
|
||
|
|
||
|
port 1194
|
||
|
proto udp
|
||
|
dev tun
|
||
|
|
||
|
ca /etc/openvpn/easy-rsa/pki/ca.crt
|
||
|
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
|
||
|
key /etc/openvpn/easy-rsa/pki/private/server.key # keep secret
|
||
|
dh /etc/openvpn/easy-rsa/pki/dh.pem
|
||
|
|
||
|
topology subnet
|
||
|
|
||
|
server 10.9.8.0 255.255.255.0 # internal tun0 connection IP
|
||
|
ifconfig-pool-persist ipp.txt
|
||
|
|
||
|
push "route 192.168.0.0 255.255.255.0"
|
||
|
push "redirect-gateway def1 bypass-dhcp"
|
||
|
|
||
|
keepalive 10 120
|
||
|
|
||
|
tls-auth /etc/openvpn/server/ta.key 0
|
||
|
auth-nocache
|
||
|
|
||
|
cipher AES-256-CBC
|
||
|
data-ciphers AES-256-CBC
|
||
|
|
||
|
persist-key
|
||
|
persist-tun
|
||
|
|
||
|
status /var/log/openvpn/openvpn-status.log
|
||
|
|
||
|
verb 3 # verbose mode
|
||
|
|
||
|
client-to-client
|
||
|
explicit-exit-notify 1
|