Created
May 9, 2015 00:27
-
-
Save ArseniyShestakov/fd2d1ce3331b043042fa to your computer and use it in GitHub Desktop.
Unencrypted unauthenticated OpenVPN configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Funny to say, but it's hard to setup insecure VPN. In this case I have router running under OpenWRT with 4MB flash only so it's only possible to include "openvpn-nossl" in firmware. That was easy part, but hard part was to find out what configuration I need to use to avoid SSL usage as I really don't want to compile my own openvpn package on server. | |
As I find out that is almost no information on internet about this use case, but after few hours of google-fu and source reading I finally setup configuration that actually work. There is none important data going to be transferred over network and security unimportant. Though I wish to add some basic PAM authentification in future, but for now it's not really needed. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Ubuntu Server 14.04 | |
dev tun | |
ifconfig 10.4.0.1 10.4.0.2 | |
verb 3 | |
keepalive 10 60 | |
persist-tun | |
persist-key | |
persist-local-ip | |
comp-lzo | |
auth none | |
cipher none |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# OpenWRT router (revision 44510) | |
remote AAA.BBB.CCC.DDD 1194 | |
nobind | |
persist-tun | |
persist-key | |
comp-lzo adaptive | |
dev tun | |
dev-type tun | |
ifconfig 10.4.0.2 10.4.0.1 | |
keepalive 10 60 | |
resolv-retry infinite | |
verb 3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment