1 | # OpenVPN 2.4 client config |
---|
2 | |
---|
3 | server-poll-timeout 12 |
---|
4 | nobind |
---|
5 | link-mtu 1420 |
---|
6 | server-poll-timeout 15 |
---|
7 | |
---|
8 | <connection> |
---|
9 | remote SERVER_IP_HERE 443 udp4 |
---|
10 | mssfix 0 |
---|
11 | </connection> |
---|
12 | |
---|
13 | <connection> |
---|
14 | remote SERVER_IP_HERE 443 tcp4 |
---|
15 | </connection> |
---|
16 | |
---|
17 | script-security 2 |
---|
18 | # Just shell script with the content to show variables: (set -o posix; set) |
---|
19 | up up.sh |
---|
20 | |
---|
21 | client |
---|
22 | dev tun |
---|
23 | cipher AES-256-GCM |
---|
24 | auth SHA256 |
---|
25 | comp-lzo |
---|
26 | resolv-retry infinite |
---|
27 | remote-cert-tls server |
---|
28 | sndbuf 0 |
---|
29 | rcvbuf 0 |
---|
30 | reneg-sec 0 |
---|
31 | verb 3 |
---|
32 | |
---|
33 | # For single connection persist-* and user/group options can be uncommented |
---|
34 | # For dual it's better to keep them commented, otherwise openvpn cannot |
---|
35 | # change connection without full restart |
---|
36 | ;auth-nocache |
---|
37 | ;persist-key |
---|
38 | ;persist-tun |
---|
39 | ;persist-remote-ip |
---|
40 | |
---|
41 | ignore-unknown-option block-outside-dns dhcp-renew register-dns tap-sleep dhcp-release dhcp-option |
---|
42 | # Windows specific options |
---|
43 | block-outside-dns |
---|
44 | dhcp-renew |
---|
45 | register-dns |
---|
46 | tap-sleep 1 |
---|
47 | |
---|
48 | # *nix specific options (Linux/Mac/BSD) |
---|
49 | ;user openvpn |
---|
50 | ;group openvpn |
---|
51 | nice 5 |
---|
52 | |
---|
53 | # Certificates and keys |
---|
54 | <ca> |
---|
55 | ... |
---|
56 | </ca> |
---|
57 | <cert> |
---|
58 | ... |
---|
59 | </cert> |
---|
60 | <key> |
---|
61 | ... |
---|
62 | </key> |
---|
63 | key-direction 1 |
---|
64 | <tls-auth> |
---|
65 | ... |
---|
66 | </tls-auth> |
---|