Skip to content

Instantly share code, notes, and snippets.

@hakoerber
Created March 21, 2016 16:06
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save hakoerber/8a8df38c8065e7fe3006 to your computer and use it in GitHub Desktop.
port 1194
proto udp
dev vpn-main
dev-type tap
# files
ca pki/main/ca.crt
cert pki/main/server.crt
key pki/main/server.key
tls-auth pki/main/ta.key 0
dh pki/main/dh2048.pem
# mode and addressing
mode server
tls-server
topology subnet
push "topology subnet"
ifconfig 10.8.0.1 255.255.255.0
push "route-gateway 10.8.0.1"
ifconfig-pool 10.8.0.100 10.8.0.199 255.255.255.0
ifconfig-pool-persist /var/run/openvpn/ipp-main.txt
client-config-dir /etc/openvpn/main.ccd
client-to-client
# connection specifics
keepalive 10 120
comp-lzo
cipher AES-256-CBC
auth SHA1
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
# logging
log /var/log/openvpn-main.log
status /var/run/openvpn/status-main 10
verb 4
mute 20
mute-replay-warnings
# misc
user nobody
group nobody
persist-key
persist-tun
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment