ha-remote-vpn/srv/openvpn/client.conf

53 lines
931 B
Text

# Remote host
remote remote.fqdn.tdl 1188
# Protocol & port
proto udp
port 1188
# Interface
dev vpn-ha
dev-type tap
# MTU
tun-mtu 1500
# Secret shared key (generated on first client start)
# Note: to manually generate it, run:
# openvpn --genkey secret /srv/openvpn/secret.key
# cp /srv/openvpn/secret.key /etc/openvpn/secret.key
# chmod 400 /srv/openvpn/secret.key /etc/openvpn/secret.key
secret /srv/openvpn/secret.key
cipher AES-256-CBC
# Keepalive
ping 30
ping-restart 60
# Allow remote address changed
float
# IP address inside VPN
ifconfig 172.16.88.2 255.255.255.0
route-gateway 172.16.88.1
# Optional routes recheable througt the remote host
# route 192.168.8.0 255.255.255.0
# Run openvpn using this specified user & group
user nobody
group nogroup
persist-key
persist-tun
## Logging
# Log level (0-9)
verb 3
# Max repeat count for logged messages
mute 10
# Managing interface
# management 127.0.0.1 7588