- # OpenVPN server configuration template: a multi-client TCP server that
- # authenticates peers with easy-rsa certificates. The ${...} placeholders
- # (hostname, port, dev, name, net, mask, user, group) are presumably filled
- # in by a templating step that is not shown here.
- # Server TCP on ${hostname}
- mode server
- proto tcp-server
- port ${port}
- dev ${dev}
- # client-to-client makes OpenVPN forward traffic between clients internally,
- # so that traffic never reaches the host's tun/tap interface and host
- # firewall rules cannot filter it. Drop the directive if clients must be
- # isolated from each other.
- client-to-client
-
- # Keys and certificates
- # server.key and ta.key are secrets; keep them readable by root only.
- ca /etc/openvpn/${name}/easy-rsa/keys/ca.crt
- cert /etc/openvpn/${name}/easy-rsa/keys/server.crt
- key /etc/openvpn/${name}/easy-rsa/keys/server.key
- # NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters,
- # which are considered too weak today. Generate parameters of at least
- # 2048 bits and point this path at the new file.
- dh /etc/openvpn/${name}/easy-rsa/keys/dh1024.pem
- # NOTE(review): direction 1 is given here while key-direction 0 is set
- # below. The usual convention is 0 on the server and 1 on clients; confirm
- # which value takes effect and keep only one, because a direction that does
- # not mirror the clients' makes the tls-auth HMAC check reject their packets.
- tls-auth /etc/openvpn/${name}/easy-rsa/keys/ta.key 1
-
- key-direction 0
- # No `auth` directive is set, so OpenVPN's default HMAC digest protects the
- # CBC data channel. No `tls-version-min` is set either, so the control
- # channel accepts whatever minimum TLS version the build defaults to.
- cipher AES-256-CBC
- # Certificates listed in crl.pem are rejected. The file is read at each new
- # connection, so it must stay readable by ${user}/${group} after the
- # privilege drop configured in the Security section.
- crl-verify /etc/openvpn/${name}/easy-rsa/keys/crl.pem
- # Per-client option files, looked up by the certificate common name.
- client-config-dir /etc/openvpn/${name}/client-config-dir
-
- # Network
- # VPN address pool: the server takes the first address of ${net}/${mask}
- # and hands the rest out to clients.
- server ${net} ${mask}
- # Ping the peer every 10 s; treat it as down after 120 s without a reply.
- keepalive 10 120
-
- # Uncomment this to redirect client internet traffic through the VPN
- # You'll also need to add iptables rules like:
- # iptables -t nat -s $internal_subnet/24 -A POSTROUTING -j SNAT --to $out_ip
- #push "redirect-gateway def1 bypass-dhcp"
-
- # Security
- # Drop root privileges after start-up. persist-key and persist-tun keep the
- # key material and the tun/tap device across restarts, because neither can
- # be reopened once the process runs as ${user}.
- user ${user}
- group ${group}
- persist-key
- persist-tun
- # NOTE(review): comp-lzo is compression, not hardening. Compressing before
- # encryption can leak plaintext through packet sizes (VORACLE), and recent
- # OpenVPN releases deprecate the option. Removing it requires the same
- # change on every client.
- comp-lzo
-
- # Log
- # verb 1 logs very little and mute 20 caps runs of same-category messages
- # at 20; raise verb to 3 if connection failures need to be investigated.
- # The status file lists connected clients and their real addresses, so it
- # should not be world-readable.
- verb 1
- mute 20
- status /var/log/openvpn-status-${name}
- log-append /var/log/openvpn-${name}.log