Skip to content

Instantly share code, notes, and snippets.

@bbhoss bbhoss/openvpn.conf Secret
Created Mar 11, 2015

What would you like to do?
Sample simple openvpn config for bastion with routing
port 1194
proto udp
dev tun
# Your keys and certs. Relative paths should work here as well
ca /opt/local/etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /opt/local/etc/openvpn/easy-rsa/2.0/keys/server.crt
key /opt/local/etc/openvpn/easy-rsa/2.0/keys/server.key
dh /opt/local/etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
# This will be the internal tun0 connection IP - choose whatever you want
ifconfig-pool-persist ipp.txt
# This will send all of a client's traffic to the private vlans through the tunnel
push "route"
push "route"
push "route"
keepalive 10 120
# Compression - MUST be turned on at both ends. Should be an option on client side as well
# Prevent revoked certificates from accessing vpn
crl-verify easy-rsa/2.0/keys/crl.pem
status log/openvpn-status.log
# Verbose, good for testing. Switch to 3 in production.
verb 3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.