Last active
June 12, 2017 20:14
-
-
Save NotoriousPyro/a64ec8ab88a992f9ce36cff44141000e to your computer and use it in GitHub Desktop.
OpenVPN Server Configuration for pkcs12, tlsauth, SHA256 and AES-256-CBC/GCM, client address pool, address reservation, client-to-client, domain and DNS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Service | |
| mode server | |
| proto udp | |
| port 1194 | |
| persist-key 1 | |
| fast-io 1 | |
| float 1 | |
| verb 3 | |
| mute-replay-warnings 1 | |
| script-security 3 | |
| # Encryption | |
| key_direction 0 | |
| auth SHA256 | |
| cipher AES-256-CBC | |
| tls-server 1 | |
| dh "/etc/openvpn/keys/dh2048.pem" | |
| pkcs12 "/etc/openvpn/keys/MyServerCertificate.p12" | |
| tls-auth "/etc/openvpn/keys/gateway.pyronexus.com.tlsauth" | |
| # Network | |
| keepalive 10 30 | |
| dev tun0 | |
| sndbuf 0 | |
| rcvbuf 0 | |
| topology subnet | |
| client-to-client 1 | |
| client-config-dir "/etc/openvpn/clients" | |
| learn-address "/usr/bin/ovpn-learnaddress" | |
| ifconfig "10.8.1.1 255.255.255.0" | |
| ifconfig-pool "10.8.1.50 10.8.1.125 255.255.255.0" | |
| push "keepalive 10 30" | |
| push "sndbuf 0" | |
| push "rcvbuf 0" | |
| push "topology subnet" | |
| push "route-gateway 10.8.1.1" | |
| push "route 10.8.0.0 255.255.255.0 vpn_gateway" | |
| push "route 10.8.1.0 255.255.255.0 vpn_gateway" | |
| push "dhcp-option DNS 10.8.0.15" | |
| push "dhcp-option DNS 10.8.0.16" | |
| push "dhcp-option DNS 10.8.0.17" | |
| push "dhcp-option DOMAIN pyronexus.lan" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment