74 lines
1.0 KiB
Plaintext
74 lines
1.0 KiB
Plaintext
|
local TLADDR
|
||
|
|
dev tun
|
||
|
|
proto TPROTO
|
||
|
|
TCL
|
||
|
|
port TPORT
|
||
|
|
|
||
|
|
# Keys
|
||
|
|
ca /etc/openvpn/ca.crt
|
||
|
|
cert /etc/openvpn/server.crt
|
||
|
|
key /etc/openvpn/server.key
|
||
|
|
dh /etc/openvpn/dh.pem
|
||
|
|
tls-auth /etc/openvpn/ta.key 0
|
||
|
|
|
||
|
|
# Network topology
|
||
|
|
topology subnet
|
||
|
|
server TSERNET TSERMASK
|
||
|
|
|
||
|
|
ifconfig-pool-persist /etc/openvpn/ipp.txt
|
||
|
|
|
||
|
|
log /etc/openvpn/openvpn.log
|
||
|
|
log-append /etc/openvpn/openvpn.log
|
||
|
|
|
||
|
|
verb 3
|
||
|
|
|
||
|
|
# Use Extended Status Output
|
||
|
|
status /etc/openvpn/openvpn-status.log 5
|
||
|
|
status-version 2
|
||
|
|
|
||
|
|
|
||
|
|
# FULL Tunneling
|
||
|
|
TTUNTYPE
|
||
|
|
|
||
|
|
# SPLIT Tunneling
|
||
|
|
TSPLIT_ROUTES
|
||
|
|
|
||
|
|
# DNS Configuration
|
||
|
|
TDNS_OPTIONS
|
||
|
|
|
||
|
|
# Client-to-client communication
|
||
|
|
TC2C
|
||
|
|
|
||
|
|
user nobody
|
||
|
|
group nogroup
|
||
|
|
|
||
|
|
# Allow same profile on multiple devices simultaneously
|
||
|
|
TDCN
|
||
|
|
|
||
|
|
# data protection
|
||
|
|
data-ciphers CHACHA20-POLY1305:AES-256-GCM:AES-256-CBC
|
||
|
|
data-ciphers-fallback AES-256-CBC
|
||
|
|
auth SHA256
|
||
|
|
|
||
|
|
keepalive 10 120
|
||
|
|
|
||
|
|
persist-key
|
||
|
|
persist-tun
|
||
|
|
|
||
|
|
# check evocation list
|
||
|
|
TREVO
|
||
|
|
|
||
|
|
# for UDP only
|
||
|
|
TUDP
|
||
|
|
|
||
|
|
# Script Scurity Lever
|
||
|
|
T_SCRIPTSEC
|
||
|
|
|
||
|
|
# Client Connect Script
|
||
|
|
T_CONNSCRIPT
|
||
|
|
|
||
|
|
# Client Disconnect Script
|
||
|
|
T_DISCONNSCRIPT
|
||
|
|
|
||
|
|
# Enable Management Interface
|
||
|
|
T_MGMT_CONF
|