-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathserver.conf
54 lines (44 loc) · 1.17 KB
/
server.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
local {192.168.113.10}
port 1197
proto udp
dev tun
mode server
tls-server
# from openvpn man + self test for 3G/4G tunnels in tunnels in femtocells etc.
#tun-mtu 1480
tun-mtu 1400
#fragment 1300
mssfix 1300
txqueuelen 1000
persist-key
persist-tun
ca /etc/openvpn/pki/pki/ca.crt
cert /etc/openvpn/pki/pki/issued/server.crt
key /etc/openvpn/pki/pki/private/server.unprotected.key
dh /etc/openvpn/pki/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key 0
# This pool is for non-groupes users :
ifconfig-pool 10.5.0.2 10.5.0.254
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 192.168.113.0 255.255.255.0 vpn_gateway"
push "dhcp-option DNS 192.168.113.254"
duplicate-cn
username-as-common-name
# Uncomment this if you want to allow client-to-client communication
# not recommended unless you *really* need it.
# client-to-client
keepalive 10 120
cipher AES-256-CBC
max-clients 1000
user nobody
group nogroup
status /var/log/openvpn/status.log
status-version 3
log-append /var/log/openvpn/openvpn.log
verb 4
mute 10
up /etc/openvpn/server.up.sh
auth-user-pass-verify /var/www/vpn/check.php via-env
client-connect /var/www/vpn/client-connect.php
script-security 3
management 127.0.0.1 22223