Created
September 7, 2010 18:34
-
-
Save ttrefren/568810 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| port 1194 | |
| proto udp | |
| dev tun | |
| # Keys we generated earlier | |
| ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt | |
| cert /etc/easy-rsa/2.0/keys/server.crt | |
| key /etc/easy-rsa/2.0/keys/server.key # This file should be kept secret | |
| dh /etc/easy-rsa/2.0/keys/dh1024.pem | |
| # This will be the internal tun0 connection IP - choose whatever you want | |
| server 10.37.73.0 255.255.255.0 | |
| ifconfig-pool-persist ipp.txt | |
| # This will send all of a client's 10.x.x.x traffic through the VPN | |
| push "route 10.0.0.0 255.0.0.0" | |
| keepalive 10 120 | |
| # Compression - MUST be turned on at both ends. Should be an option on client side as well | |
| comp-lzo | |
| persist-key | |
| persist-tun | |
| # Prevent revoked certificates from accessing vpn | |
| crl-verify easy-rsa/2.0/keys/crl.pem | |
| status log/openvpn-status.log | |
| # Verbose, good for testing. Switch to 3 in production. | |
| verb 6 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment