37 lines
692 B
Plaintext
37 lines
692 B
Plaintext
## BASIC SERVER CONF
|
|
|
|
port 1194
|
|
proto udp
|
|
dev tun
|
|
|
|
ca /etc/openvpn/easy-rsa/pki/ca.crt
|
|
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
|
|
key /etc/openvpn/easy-rsa/pki/private/server.key # keep secret
|
|
dh /etc/openvpn/easy-rsa/pki/dh.pem
|
|
|
|
topology subnet
|
|
|
|
server 10.9.8.0 255.255.255.0 # internal tun0 connection IP
|
|
ifconfig-pool-persist ipp.txt
|
|
|
|
push "route 192.168.0.0 255.255.255.0"
|
|
push "redirect-gateway def1 bypass-dhcp"
|
|
|
|
keepalive 10 120
|
|
|
|
tls-auth /etc/openvpn/server/ta.key 0
|
|
auth-nocache
|
|
|
|
cipher AES-256-CBC
|
|
data-ciphers AES-256-CBC
|
|
|
|
persist-key
|
|
persist-tun
|
|
|
|
status /var/log/openvpn/openvpn-status.log
|
|
|
|
verb 3 # verbose mode
|
|
|
|
client-to-client
|
|
explicit-exit-notify 1
|