config.ovpn
#################################################
# OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine <-> single-machine #
# configurations (See the Examples page #
# on the web site for more info). #
# #
# This config should work on Windows #
# or Linux/BSD systems. Remember on #
# Windows to quote pathnames and use #
# double backslashes, e.g.: #
# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
# #
# Comments are preceded with '#' or ';' #
#################################################
# NOTE(review): the banner above is the stock sample header. The directives
# below (tls-crypt, AES-256-GCM, tls-version-min 1.3) need a much newer
# OpenVPN than 2.0.

# Listener: bind only to 10.0.1.3 and accept clients on UDP port 443.
local 10.0.1.3
port 443
proto udp
# Routed (layer 3) tunnel interface.
dev tun
# PKI material: CA certificate, server certificate and server private key.
# The paths are relative. The .key file is the server's private key and
# should be readable only by the account that starts OpenVPN.
# NOTE(review): nothing in this file sets crl-verify, so a revoked client
# certificate would still be accepted unless revocation is handled elsewhere.
ca ca.crt
cert hostname.domainname.tld.crt
key hostname.domainname.tld.key
# Encrypt and authenticate control-channel packets with a pre-shared key.
# ta.key is a shared secret: every client carries a copy of the same file.
# NOTE(review): the trailing "0" looks like a key-direction argument carried
# over from tls-auth; tls-crypt does not use a direction. Confirm it is
# ignored by the deployed version, or drop it.
tls-crypt ta.key 0
# No finite-field Diffie-Hellman parameters; key exchange is ECDH only.
dh none
# NOTE(review): Ed25519 is a signature scheme, not an ECDH curve (its
# key-exchange counterpart is X25519). Check this name against the output of
# `openvpn --show-curves` on the server and confirm in the log which group is
# actually negotiated.
ecdh-curve ed25519
# VPN address pool 10.8.0.0/24 handed out to clients.
server 10.8.0.0 255.255.255.0
# Routes installed on the server host itself, pointing into the tunnel.
# NOTE(review): 10.8.0.0/24 is already covered by the "server" line, and
# 10.0.1.0/24 is the subnet of the "local" address above. Confirm both
# lines are intended rather than copies of the push lines below.
route 10.0.1.0 255.255.255.0
route 10.8.0.0 255.255.255.0
# Ethernet-bridging alternative to "server"; left disabled.
;server-bridge 10.0.1.3 255.255.255.0 10.0.1.50 10.0.1.90
# One address per client taken from a shared subnet.
topology subnet
# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
push "route 10.0.1.0 255.255.255.0"
push "route 10.8.0.0 255.255.255.0"
# Full tunnel: clients replace their default route with the VPN. Forwarding
# and NAT for that traffic are not configured in this file and have to be set
# up on the host.
push "redirect-gateway def1"
# Clients are told to resolve names through 10.0.1.3 with search domain
# domainname.tld.
push "dhcp-option DNS 10.0.1.3"
push "dhcp-option DOMAIN domainname.tld"
# Proxy hints; they only take effect on clients that implement these
# dhcp-option types. Both proxy definitions are disabled, and the PAC URL is
# plain http.
# NOTE(review): PROXY_BYPASS is still pushed although no proxy is pushed.
# Confirm that is intended.
; push "dhcp-option PROXY_AUTO_CONFIG_URL http://proxy.domainname.private/proxy.pac"
;push "dhcp-option PROXY_HTTP 10.0.1.3 8118"
push "dhcp-option PROXY_BYPASS domainname.com proxy.domainname.private"
# Clients can reach each other. OpenVPN forwards this traffic internally, so
# it does not pass through the host's tun interface and host firewall rules
# cannot filter it. Remove this line if clients should be isolated from one
# another.
client-to-client
# Ping every 10 s; treat the peer as down after 120 s without a reply.
keepalive 10 120
# Data-channel cipher (AEAD).
# NOTE(review): on OpenVPN 2.5 and later, negotiation is governed by
# data-ciphers. Verify the cipher actually negotiated in the log.
cipher AES-256-GCM
# The control channel refuses anything below TLS 1.3; server and clients both
# need a TLS library that supports it.
tls-version-min 1.3
# The disabled tls-cipher line names a TLS 1.2 suite. tls-cipher does not
# apply to TLS 1.3, whose suites are set with tls-ciphersuites, so enabling
# it would not restrict anything while tls-version-min is 1.3.
; openvpn --show-tls | grep -e '^TLS' | grep -v 128 | grep -v -e 'SHA$' | grep -v GCM
; tls-cipher TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
# Upper bound on simultaneously connected clients.
max-clients 20
# Privilege drop is disabled: the daemon keeps the privileges it was started
# with for its whole lifetime. Enabling user/group with an unprivileged
# account limits what a compromise of the daemon can reach; persist-key and
# persist-tun below keep restarts working after such a drop.
; user nobody
; group nobody
persist-key
persist-tun
# Persist client-to-address assignments across restarts. The path is inside
# Tunnelblick's support directory and must be writable by the daemon.
ifconfig-pool-persist "/Library/Application Support/Tunnelblick/ipp.txt"
# Log verbosity.
verb 3