Context Navigation

template.ovpn

Last change on this file was 62266ed, checked in by Edwin Eefting <edwin@datux.nl>, 4 years ago
update openvpn to 2.5.3. disable comp-lzo because of VORACLE issue
Property mode set to `100644`
File size: 2.8 KB

Rev	Line
[c5c522c]	1	##############################################
	2	# SYN-3 OpenVPN configfile #
	3	##############################################
	4
	5	# The hostname/IP and port of the SYN-3 server. (usually the public IP or hostname)
	6	remote %remote% 1194
	7
	8
	9	# Specify that we are a client and that we
	10	# will be pulling certain config file directives
	11	# from the server.
	12	client
	13
	14	# Use the same setting as you are using on
	15	# the server.
	16	# On most systems, the VPN will not function
	17	# unless you partially or fully disable
	18	# the firewall for the TUN/TAP interface.
	19	;dev tap
	20	dev tun
	21
	22	# Windows needs the TAP-Windows adapter name
	23	# from the Network Connections panel
	24	# if you have more than one. On XP SP2,
	25	# you may need to disable the firewall
	26	# for the TAP adapter.
	27	;dev-node MyTap
	28
	29	# Are we connecting to a TCP or
	30	# UDP server? Use the same setting as
	31	# on the server.
	32	;proto tcp
	33	proto udp
	34
	35	# Choose a random host from the remote
	36	# list for load-balancing. Otherwise
	37	# try hosts in the order specified.
	38	;remote-random
	39
	40	# Keep trying indefinitely to resolve the
	41	# host name of the OpenVPN server. Very useful
	42	# on machines which are not permanently connected
	43	# to the internet such as laptops.
	44	resolv-retry infinite
	45
	46	# Most clients don't need to bind to
	47	# a specific local port number.
	48	nobind
	49
	50	# Downgrade privileges after initialization (non-Windows only)
	51	;user nobody
	52	;group nobody
	53
	54	# Try to preserve some state across restarts.
	55	persist-key
	56	persist-tun
	57
	58	# If you are connecting through an
	59	# HTTP proxy to reach the actual OpenVPN
	60	# server, put the proxy server/IP and
	61	# port number here. See the man page
	62	# if your proxy server requires
	63	# authentication.
	64	;http-proxy-retry # retry on connection failures
	65	;http-proxy [proxy server] [proxy port #]
	66
	67	# Wireless networks often produce a lot
	68	# of duplicate packets. Set this flag
	69	# to silence duplicate packet warnings.
	70	;mute-replay-warnings
	71
	72
	73	# Verify server certificate by checking
	74	# that the certicate has the nsCertType
	75	# field set to "server". This is an
	76	# important precaution to protect against
	77	# a potential attack discussed here:
	78	# http://openvpn.net/howto.html#mitm
	79	#
	80	# To use this feature, you will need to generate
	81	# your server certificates with the nsCertType
	82	# field set to "server". The build-key-server
	83	# script in the easy-rsa folder will do this.
	84	remote-cert-tls server
	85
	86	# If a tls-auth key is used on the server
	87	# then every client must also have the key.
	88	;tls-auth ta.key 1
	89
	90	# Select a cryptographic cipher.
	91	# If the cipher option is used on the server
	92	# then you must also specify it here.
	93	cipher AES-256-CBC
	94
	95	# Enable compression on the VPN link.
	96	# Don't enable this unless it is also
	97	# enabled in the server config file.
[62266ed]	98	#No, see https://community.openvpn.net/openvpn/wiki/VORACLE
	99	#comp-lzo
[c5c522c]	100
	101	# Set log file verbosity.
	102	verb 3
	103
	104	# Silence repeating messages
	105	;mute 20
	106
	107	key-direction 1
	108	auth-user-pass
	109
	110	#inline keys will be added here:
	111

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format