Skip to content

Instantly share code, notes, and snippets.

Created October 4, 2018 02:48
  • Star 0 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
OpenVPN server config for dropboxes
dev tun0
user nobody
group nogroup
# Openvpn tunnel network
# IP Address we listen on
# Port and Protocol
port 1194
proto tcp
cipher AES-256-CBC
# IPP allows you to statically assign tunnel network IPs to dropboxes
#ifconfig-pool-persist /etc/sysconfig/openvpn/ruvpn-ip-pool.txt
# mgmt & log settings
management 1196
log /var/log/openvpn
# verbose level, turn up if troubleshooting for more logs. 6 is usually good.
verb 3
# Maximum number of simultaneous clients
# enabling this allows multiple connections using the same cert. However, this is insecure.
# if someone steals your certs from a dropbox both the legit and malicious connections could exist simultaneously.
#max-clients 50
client-config-dir ccd
#Option, set renegotiation time
#reneg-sec 86400
#location of cert files
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
cert /etc/openvpn/easy-rsa/keys/pttunnel.crt
ca /etc/openvpn/easy-rsa/keys/ca.crt
key /etc/openvpn/easy-rsa/keys/pttunnel.key
# set this up upon first revoke
#crl-verify /etc/openvpn/easy-rsa/keys/crl.pem
#Timeout for restarting the tunnel on client end if it loses connection
keepalive 10 60
#keep mtus low to account for additional encapsulation
link-mtu 1250
mssfix 1250
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment