|
1
|
<openvpn>
|
|
2
|
<openvpn-server>
|
|
3
|
<vpnid>1</vpnid>
|
|
4
|
<mode>server_tls</mode>
|
|
5
|
<protocol>UDP4</protocol>
|
|
6
|
<dev_mode>tap</dev_mode>
|
|
7
|
<interface>wan</interface>
|
|
8
|
<ipaddr></ipaddr>
|
|
9
|
<local_port>1195</local_port>
|
|
10
|
<description><![CDATA[Main VPN]]></description>
|
|
11
|
<custom_options>crl-verify /usr/local/etc/openvpn/crl.pem
|
|
12
|
ifconfig-pool 172.20.68.3 172.20.70.254 255.255.252.0
|
|
13
|
ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt
|
|
14
|
log /var/log/openvpn1.log</custom_options>
|
|
15
|
<caref>5fdec687e1bb2</caref>
|
|
16
|
<crlref></crlref>
|
|
17
|
<ocspurl></ocspurl>
|
|
18
|
<certref>5fe160720bb42</certref>
|
|
19
|
<dh_length>2048</dh_length>
|
|
20
|
<ecdh_curve>none</ecdh_curve>
|
|
21
|
<cert_depth></cert_depth>
|
|
22
|
<remote_cert_tls></remote_cert_tls>
|
|
23
|
<data_ciphers_fallback>AES-256-CBC</data_ciphers_fallback>
|
|
24
|
<digest>SHA256</digest>
|
|
25
|
<engine>none</engine>
|
|
26
|
<tunnel_network></tunnel_network>
|
|
27
|
<tunnel_networkv6></tunnel_networkv6>
|
|
28
|
<remote_network></remote_network>
|
|
29
|
<remote_networkv6></remote_networkv6>
|
|
30
|
<gwredir></gwredir>
|
|
31
|
<gwredir6></gwredir6>
|
|
32
|
<local_network>172.20.0.0/16</local_network>
|
|
33
|
<local_networkv6></local_networkv6>
|
|
34
|
<maxclients></maxclients>
|
|
35
|
<allow_compression>asym</allow_compression>
|
|
36
|
<compression>lzo</compression>
|
|
37
|
<compression_push>yes</compression_push>
|
|
38
|
<passtos>yes</passtos>
|
|
39
|
<client2client></client2client>
|
|
40
|
<dynamic_ip>yes</dynamic_ip>
|
|
41
|
<topology>subnet</topology>
|
|
42
|
<serverbridge_dhcp>yes</serverbridge_dhcp>
|
|
43
|
<serverbridge_interface>wan</serverbridge_interface>
|
|
44
|
<serverbridge_routegateway>yes</serverbridge_routegateway>
|
|
45
|
<serverbridge_dhcp_start></serverbridge_dhcp_start>
|
|
46
|
<serverbridge_dhcp_end></serverbridge_dhcp_end>
|
|
47
|
<dns_server1>172.20.16.7</dns_server1>
|
|
48
|
<dns_server2></dns_server2>
|
|
49
|
<dns_server3></dns_server3>
|
|
50
|
<dns_server4></dns_server4>
|
|
51
|
<push_blockoutsidedns>yes</push_blockoutsidedns>
|
|
52
|
<username_as_common_name><![CDATA[enabled]]></username_as_common_name>
|
|
53
|
<exit_notify>none</exit_notify>
|
|
54
|
<sndrcvbuf></sndrcvbuf>
|
|
55
|
<push_register_dns>yes</push_register_dns>
|
|
56
|
<netbios_enable></netbios_enable>
|
|
57
|
<netbios_ntype>0</netbios_ntype>
|
|
58
|
<netbios_scope></netbios_scope>
|
|
59
|
<create_gw>v4only</create_gw>
|
|
60
|
<verbosity_level>3</verbosity_level>
|
|
61
|
<data_ciphers>AES-128-GCM,AES-256-CBC</data_ciphers>
|
|
62
|
<ncp_enable>enabled</ncp_enable>
|
|
63
|
<ping_method>ping</ping_method>
|
|
64
|
<keepalive_interval>10</keepalive_interval>
|
|
65
|
<keepalive_timeout>60</keepalive_timeout>
|
|
66
|
<ping_seconds>10</ping_seconds>
|
|
67
|
<ping_push>yes</ping_push>
|
|
68
|
<ping_action>ping_restart</ping_action>
|
|
69
|
<ping_action_seconds>30</ping_action_seconds>
|
|
70
|
<ping_action_push>yes</ping_action_push>
|
|
71
|
<inactive_seconds>0</inactive_seconds>
|
|
72
|
</openvpn-server>
|
