|
|
|
########################################
|
|
|
|
# Sample OpenVPN config file for
|
|
|
|
# 2.0-style multi-client udp server
|
|
|
|
#
|
|
|
|
# Adapted from http://openvpn.sourceforge.net/20notes.html
|
|
|
|
#
|
|
|
|
# tun-style tunnel
|
|
|
|
|
|
|
|
port 1194
|
|
|
|
dev tun
|
|
|
|
|
|
|
|
# Use "local" to set the source address on multi-homed hosts
|
|
|
|
#local [IP address]
|
|
|
|
|
|
|
|
# TLS parms
|
|
|
|
tls-server
|
|
|
|
ca sample-keys/tmp-ca.crt
|
|
|
|
cert sample-keys/server.crt
|
|
|
|
key sample-keys/server.key
|
|
|
|
dh sample-keys/dh1024.pem
|
|
|
|
|
|
|
|
# Tell OpenVPN to be a multi-client udp server
|
|
|
|
mode server
|
|
|
|
|
|
|
|
# The server's virtual endpoints
|
|
|
|
ifconfig 10.8.0.1 10.8.0.2
|
|
|
|
|
|
|
|
# Pool of /30 subnets to be allocated to clients.
|
|
|
|
# When a client connects, an --ifconfig command
|
|
|
|
# will be automatically generated and pushed back to
|
|
|
|
# the client.
|
|
|
|
ifconfig-pool 10.8.0.4 10.8.0.255
|
|
|
|
|
|
|
|
# Push route to client to bind it to our local
|
|
|
|
# virtual endpoint.
|
|
|
|
push "route 10.8.0.1 255.255.255.255"
|
|
|
|
|
|
|
|
# Push any routes the client needs to get in
|
|
|
|
# to the local network.
|
|
|
|
push "route 192.168.0.0 255.255.255.0"
|
|
|
|
|
|
|
|
# Push DHCP options to Windows clients.
|
|
|
|
push "dhcp-option DOMAIN example.com"
|
|
|
|
push "dhcp-option DNS 192.168.0.1"
|
|
|
|
push "dhcp-option WINS 192.168.0.1"
|
|
|
|
|
|
|
|
# Client should attempt reconnection on link
|
|
|
|
# failure.
|
|
|
|
keepalive 10 60
|
|
|
|
|
|
|
|
# Delete client instances after some period
|
|
|
|
# of inactivity.
|
|
|
|
inactive 600
|
|
|
|
|
|
|
|
# Route the --ifconfig pool range into the
|
|
|
|
# OpenVPN server.
|
|
|
|
route 10.8.0.0 255.255.255.0
|
|
|
|
|
|
|
|
# The server doesn't need privileges
|
|
|
|
user openvpn
|
|
|
|
group openvpn
|
|
|
|
|
|
|
|
# Keep TUN devices and keys open across restarts.
|
|
|
|
persist-tun
|
|
|
|
persist-key
|
|
|
|
|
|
|
|
verb 4
|