- # OpenVPN server configuration: multi-client TCP server on a routed tun device.
- # Clients authenticate through the LDAP plugin instead of client certificates.
- # Upper-case tokens (OVPN_SUBNET_ADDR, SITES_SUBNET_ADDR, SITE_DNS1, ...) look like
- # template placeholders substituted at deployment time -- TODO confirm.
- # Server TCP
- mode server
- proto tcp-server
- port 4242
- dev tun
- # NOTE(review): client-to-client forwards traffic between VPN clients inside OpenVPN,
- # so host firewall rules on the tun interface do not see or filter it.
- client-to-client
- #client-connect misc/on-client-event.py
- #client-disconnect misc/on-client-event.py
- #route-up misc/route-up.sh
-
- # Keys and certificates
- ca credentials/ca.crt
- cert credentials/server.crt
- key credentials/server.key
- dh credentials/dh2048.pem
- # NOTE(review): tls-auth is given direction 1 here, while key-direction below says 0.
- # The two disagree; servers conventionally use 0 and clients 1. Confirm which value
- # is effective and keep a single, consistent setting.
- tls-auth credentials/ta.key 1
-
- key-direction 0
- # NOTE(review): CBC mode is not an AEAD cipher. Newer OpenVPN releases prefer
- # AES-256-GCM; changing this must be coordinated with the client configurations.
- cipher AES-256-CBC
- # With username-as-common-name set below, per-client files in this directory are
- # matched on the authenticated username.
- client-config-dir client-config-dir
-
- # Network
- server OVPN_SUBNET_ADDR OVPN_SUBNET_MASK
- # Ping the peer every 10 s; treat it as down after 120 s without a reply.
- keepalive 10 120
-
- # Uncomment this to redirect client internet traffic through VPN
- # You'll also need to add iptables rules like:
- # iptables -t nat -s $internal_subnet/24 -A POSTROUTING -j SNAT --to $out_ip
- #push "redirect-gateway def1 bypass-dhcp"
- push "route SITES_SUBNET_ADDR SITES_SUBNET_MASK"
- push "dhcp-option DNS SITE_DNS1"
- push "dhcp-option DNS SITE_DNS2"
-
- # Security
- # NOTE(review): user/group root means the daemon never drops privileges, so a flaw in
- # OpenVPN or in the auth plugin is exposed with full root rights. persist-key and
- # persist-tun below are the options that normally make an unprivileged user/group
- # workable across restarts; verify whether the plugin and status file need root.
- user root
- group root
- persist-key
- persist-tun
- # NOTE(review): comp-lzo compresses before encrypting, which enables compression-oracle
- # attacks (VORACLE) on tunnelled traffic, and is deprecated in current OpenVPN releases.
- # Removing it has to be matched on the clients.
- comp-lzo
- # NOTE(review): level 3 additionally allows passwords to be handed to scripts through
- # the environment. The only directive here that would use that (auth-user-pass-verify
- # ... via-env) is commented out, as are all script hooks -- a lower level is presumably
- # sufficient; confirm before changing.
- script-security 3
- username-as-common-name
- # NOTE(review): with client certificates not required, access rests solely on the
- # LDAP username/password checked by the plugin; no per-device credential can be
- # revoked. This option is deprecated in OpenVPN 2.4 in favour of
- # "verify-client-cert none" and is no longer accepted from 2.5 on.
- client-cert-not-required
- plugin /usr/lib/openvpn/openvpn-auth-ldap.so /etc/openvpn/auth-ldap.conf
- #auth-user-pass-verify credentials/passwd-verify via-env
-
- # Log
- verb 3
- mute 20
- # The status file lists connected clients and their addresses; restrict who can read it.
- status /var/log/openvpn-status-vpn-sites-server
- #log-append /var/log/openvpn-vpn-sites-server.log