Created
January 30, 2017 16:55
-
-
Save non7top/83fcc54848289f8e566a87e7bc095aa6 to your computer and use it in GitHub Desktop.
openvpn
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
iroute 192.168.2.0 255.255.255.0 | |
ifconfig-push 192.168.5.3 192.168.5.4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
port 1194 | |
proto udp | |
dev tun0 | |
#tun-mtu 1500 | |
#tun-mtu-extra 32 | |
#mssfix 1400 | |
#fragment 1200 | |
# | |
# | |
# | |
cipher BF-CBC | |
tcp-queue-limit 128 | |
txqueuelen 2000 | |
tcp-nodelay | |
#txqueuelen 300 | |
sndbuf 393216 | |
rcvbuf 393216 | |
push "sndbuf 393216" | |
push "rcvbuf 393216" | |
#sndbuf 16384 | |
#rcvbuf 16384 | |
#push "sndbuf 16384" | |
#push "rcvbuf 16384" | |
#tun-mtu 1400 | |
#mssfix 1360 | |
route 192.168.2.0 255.255.255.0 | |
push "route 192.168.2.0 255.255.255.0" | |
ca /etc/openvpn/easy-rsa/keys/ca.crt # созданные ключи | |
cert /etc/openvpn/easy-rsa/keys/server.crt | |
key /etc/openvpn/easy-rsa/keys/server.key # держать в секрете | |
dh /etc/openvpn/easy-rsa/keys/dh1024.pem | |
tls-auth /etc/openvpn/easy-rsa/ta.key 0 | |
server 192.168.5.0 255.255.255.0 # наша виртуальная подсеть, можно выбрать и другую | |
ifconfig-pool-persist ipp.txt | |
keepalive 10 120 | |
client-config-dir ccd | |
#comp-lzo # Сжатие трафика, должно быть включено и у клиента | |
persist-key | |
persist-tun | |
client-to-client | |
status /var/log/openvpn-status.log # собственно логи | |
log /var/log/openvpn.log | |
verb 3 # уровень болтливости логов | |
#push "dhcp-option DNS 8.8.8.8" # выдаем по умолчанию DNS сервер от гугла | |
management 127.0.0.1 1111 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment