Last active
July 23, 2018 19:03
-
-
Save charlieparkes/9270a8283ef459ffca58a3859184e0d7 to your computer and use it in GitHub Desktop.
VPN Configs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# We are in client mode | |
client | |
## We are creating a tunnel | |
dev tun | |
## We use TCP | |
proto tcp | |
remote vpn.everest-dev.aws.mintel.com 443 | |
#dhcp-option DOMAIN aws.mintel.com | |
#dhcp-option DNS 10.2.8.2 | |
resolv-retry infinite | |
# Don't bind to local port | |
nobind | |
# Try to preserve some state across restarts. | |
persist-key | |
persist-tun | |
auth-user-pass | |
ca ca.crt | |
cert cmathews.crt | |
key cmathews.key | |
## Make sure we validate the server certificate | |
remote-cert-tls server | |
## Set cypher | |
cipher BF-CBC | |
## Enable compression | |
comp-lzo | |
# Set log file verbosity. | |
verb 3 | |
# Silence repeating messages | |
mute 20 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# We are in client mode | |
client | |
## We are creating a tunnel | |
dev tun | |
## We use TCP | |
proto tcp | |
remote vpn.everest-prod.aws.mintel.com 443 | |
#dhcp-option DOMAIN aws.mintel.com | |
#dhcp-option DNS 10.2.8.2 | |
resolv-retry infinite | |
# Don't bind to local port | |
nobind | |
# Try to preserve some state across restarts. | |
persist-key | |
persist-tun | |
auth-user-pass | |
ca ca.crt | |
cert cmathews.crt | |
key cmathews.key | |
## Make sure we validate the server certificate | |
remote-cert-tls server | |
## Set cypher | |
cipher BF-CBC | |
## Enable compression | |
comp-lzo | |
# Set log file verbosity. | |
verb 3 | |
# Silence repeating messages | |
mute 20 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# We are in client mode | |
client | |
## We are creating a tunnel | |
dev tun | |
## We use TCP | |
proto tcp | |
remote vpn.everest-qa.aws.mintel.com 443 | |
#dhcp-option DOMAIN aws.mintel.com | |
#dhcp-option DNS 10.2.8.2 | |
resolv-retry infinite | |
# Don't bind to local port | |
nobind | |
# Try to preserve some state across restarts. | |
persist-key | |
persist-tun | |
auth-user-pass | |
ca ca.crt | |
cert cmathews.crt | |
key cmathews.key | |
## Make sure we validate the server certificate | |
remote-cert-tls server | |
## Set cypher | |
cipher BF-CBC | |
## Enable compression | |
comp-lzo | |
# Set log file verbosity. | |
verb 3 | |
# Silence repeating messages | |
mute 20 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## We need to be in client mode | |
client | |
## We are creating a tunnel | |
dev tun | |
## We use TCP | |
proto tcp | |
## Server list | |
remote relay1.us.mintel.com 443 | |
remote relay2.us.mintel.com 443 | |
# Choose a random host from the remote | |
# list for load-balancing. Otherwise | |
# try hosts in the order specified. | |
remote-random | |
# Keep trying indefinitely to resolve the | |
# host name of the OpenVPN server. Very useful | |
# on machines which are not permanently connected | |
# to the internet such as laptops. | |
resolv-retry infinite | |
# Most clients don't need to bind to | |
# a specific local port number. | |
nobind | |
# Try to preserve some state across restarts. | |
persist-key | |
persist-tun | |
## Prompt for username and password | |
auth-user-pass | |
## Mintel CPN Certificate Authority Certificate | |
ca ca.crt | |
## Client Certificate | |
cert m-chi-7-l-1122.crt | |
## Client Private Key | |
key m-chi-7-l-1122.key | |
## Make sure we validate the server certificate | |
ns-cert-type server | |
## Set cypher | |
cipher DES-EDE3-CBC | |
## Enable compression | |
comp-lzo | |
# Set log file verbosity. | |
verb 3 | |
# Silence repeating messages | |
mute 20 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment