User Tools

Site Tools


wiki:webui:administration:openvpn:server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
wiki:webui:administration:openvpn:server [2020/03/13 15:41]
ghi created
wiki:webui:administration:openvpn:server [2021/09/22 16:19] (current)
tda
Line 75: Line 75:
 Here is a simple server side configuration file: Here is a simple server side configuration file:
  
-<code conf /​etc/​openvpn/​server.conf>​ +<code conf /​etc/​openvpn/​server-openvpn.conf> 
-# UDP tunnel on port 1194+
 port 1194 port 1194
 proto udp proto udp
 dev tun dev tun
  
-# Server ​identification ​and security parameters +#​tls-version-min "​1.0"​ 
-pkcs12 ​/​etc/​openvpn/​server-cert.p12 +#​tls-version-max "​1.0"​ 
-dh /​etc/​openvpn/​dh2048.pem+ 
 +# CA certificate 
 +ca ca.crt 
 + 
 +# Server and Private Server key # This file should be kept secret 
 +pkcs12 server.12 
 + 
 +# Diffie-Hellman parameters 
 +dh dh2048.pem
  
 # LAN information and network configuration # LAN information and network configuration
 topology subnet topology subnet
 +
 server 10.8.0.0 255.255.255.0 server 10.8.0.0 255.255.255.0
 ifconfig-pool-persist ipp.txt 86400 ifconfig-pool-persist ipp.txt 86400
Line 93: Line 102:
 push "route 172.18.0.0 255.255.0.0"​ push "route 172.18.0.0 255.255.0.0"​
 push "​dhcp-option DNS 10.8.0.1"​ push "​dhcp-option DNS 10.8.0.1"​
 + 
 # Connection management # Connection management
 comp-lzo comp-lzo
 keepalive 15 120 keepalive 15 120
 cipher AES-256-CBC cipher AES-256-CBC
 + 
 # Daemon configuration # Daemon configuration
 user nobody user nobody
 group nogroup group nogroup
 + 
 # Persist across restarts # Persist across restarts
 persist-key persist-key
Line 108: Line 117:
 persist-local-ip persist-local-ip
 persist-remote-ip persist-remote-ip
 + 
 # Management options # Management options
 status openvpn-status.log status openvpn-status.log
Line 114: Line 123:
 management localhost 6666 management localhost 6666
 script-security 2 script-security 2
 +
 +client-to-client
 +
 </​code>​ </​code>​
  
Line 119: Line 131:
  
 <code bash> <code bash>
-openvpn /​etc/​openvpn/​server.conf+# sudo openvpn /​etc/​openvpn/​server-openvpn.conf
 </​code>​ </​code>​
 +
 +Note: if you set a passphrase to access your private key, just add the following line in your configuration file :
 +
 +<code bash>
 +askpass pass.txt
 +</​code>​
 +
 +fill the pass.txt file with your password and chmod 600 it.
 +
wiki/webui/administration/openvpn/server.1584110512.txt.gz · Last modified: 2020/03/13 15:41 by ghi