53 lines
931 B
Text
53 lines
931 B
Text
# Remote host
|
|
remote remote.fqdn.tdl 1188
|
|
|
|
# Protocol & port
|
|
proto udp
|
|
port 1188
|
|
|
|
# Interface
|
|
dev vpn-ha
|
|
dev-type tap
|
|
|
|
# MTU
|
|
tun-mtu 1500
|
|
|
|
# Secret shared key (generated on first client start)
|
|
# Note: to manually generate it, run:
|
|
# openvpn --genkey secret /srv/openvpn/secret.key
|
|
# cp /srv/openvpn/secret.key /etc/openvpn/secret.key
|
|
# chmod 400 /srv/openvpn/secret.key /etc/openvpn/secret.key
|
|
secret /srv/openvpn/secret.key
|
|
cipher AES-256-CBC
|
|
|
|
# Keepalive
|
|
ping 30
|
|
ping-restart 60
|
|
|
|
# Allow remote address changed
|
|
float
|
|
|
|
# IP address inside VPN
|
|
ifconfig 172.16.88.2 255.255.255.0
|
|
route-gateway 172.16.88.1
|
|
|
|
# Optional routes recheable througt the remote host
|
|
# route 192.168.8.0 255.255.255.0
|
|
|
|
# Run openvpn using this specified user & group
|
|
user nobody
|
|
group nogroup
|
|
|
|
persist-key
|
|
persist-tun
|
|
|
|
## Logging
|
|
|
|
# Log level (0-9)
|
|
verb 3
|
|
|
|
# Max repeat count for logged messages
|
|
mute 10
|
|
|
|
# Managing interface
|
|
# management 127.0.0.1 7588
|