Bug #7905 » server2.conf
| 1 |
dev ovpns2 |
|---|---|
| 2 |
verb 6 |
| 3 |
dev-type tun |
| 4 |
dev-node /dev/tun2 |
| 5 |
writepid /var/run/openvpn_server2.pid |
| 6 |
#user nobody
|
| 7 |
#group nobody
|
| 8 |
script-security 3 |
| 9 |
daemon
|
| 10 |
keepalive 10 60 |
| 11 |
ping-timer-rem |
| 12 |
persist-tun |
| 13 |
persist-key |
| 14 |
proto udp4 |
| 15 |
cipher AES-128-CBC |
| 16 |
auth SHA1 |
| 17 |
up /usr/local/sbin/ovpn-linkup |
| 18 |
down /usr/local/sbin/ovpn-linkdown |
| 19 |
client-connect /usr/local/sbin/openvpn.attributes.sh |
| 20 |
client-disconnect /usr/local/sbin/openvpn.attributes.sh |
| 21 |
local <external-IP> |
| 22 |
tls-server |
| 23 |
server 172.29.128.0 255.255.255.128 |
| 24 |
client-config-dir /var/etc/openvpn-csc/server2 |
| 25 |
verify-client-cert none |
| 26 |
username-as-common-name |
| 27 |
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-script.so /usr/local/sbin/ovpn_auth_verify_async user YmYwX2R1bzAw false server2 1195 |
| 28 |
tls-verify "/usr/local/sbin/ovpn_auth_verify tls '<hostname>' 1" |
| 29 |
lport 1195 |
| 30 |
management /var/etc/openvpn/server2.sock unix |
| 31 |
push "route 10.48.0.0 255.255.0.0" |
| 32 |
push "route 10.0.0.0 255.255.0.0" |
| 33 |
push "route 10.160.0.0 255.255.0.0" |
| 34 |
push "route 172.17.17.0 255.255.255.0" |
| 35 |
push "route 172.17.2.104 255.255.255.255" |
| 36 |
push "dhcp-option DOMAIN <domain>" |
| 37 |
push "dhcp-option DNS 10.0.80.12" |
| 38 |
push "dhcp-option NTP 10.0.80.12" |
| 39 |
client-to-client |
| 40 |
ca /var/etc/openvpn/server2.ca |
| 41 |
cert /var/etc/openvpn/server2.cert |
| 42 |
key /var/etc/openvpn/server2.key |
| 43 |
dh /etc/dh-parameters.2048 |
| 44 |
ncp-ciphers AES-256-GCM:AES-128-GCM |
| 45 |
persist-remote-ip |
| 46 |
float
|
| 47 |
topology subnet |
| 48 |
reneg-sec 43200 |