Ticket #926: server.conf

File server.conf, 1.6 KB (added by vmspike, 5 years ago)
Line 
1## OpenVPN 2.4 UDP server config file
2
3multihome
4
5cd /etc/openvpn/chroot
6
7## UDP server specific options
8proto udp4
9dev tun0
10replay-window 80 20
11fast-io
12link-mtu 1420
13status /var/log/openvpn/status.udp.server.txt 10
14log-append /var/log/openvpn/udp.server.log
15replay-persist /var/log/openvpn/replay-persist.udp.server.txt
16## END UDP server specific options
17
18## TCP server specific options
19# proto tcp4
20# dev tun1
21# link-mtu 1420
22# tcp-nodelay
23# tcp-queue-limit 64
24# status /var/log/openvpn/status.tcp.server.txt 10
25# log-append /var/log/openvpn/tcp.server.log
26# replay-persist /var/log/openvpn/replay-persist.tcp.server.txt
27## END TCP server specific options
28
29lport 443
30server 172.16.16.0 255.255.255.0 nopool
31ifconfig-pool 172.16.16.0 172.16.16.254 255.255.255.0
32
33topology subnet
34status-version 1
35tls-timeout 2
36reneg-sec 3600
37
38ca /etc/openvpn/server/keys/ca.crt
39cert /etc/openvpn/server/keys/server.crt
40key /etc/openvpn/server/keys/server.key
41dh /etc/openvpn/server/keys/dh.pem
42crl-verify crl.pem
43tls-auth /etc/openvpn/server/keys/ta.key 0
44
45nice 5
46max-clients 1024
47
48user openvpn
49group openvpn
50
51cipher AES-256-GCM
52auth SHA256
53tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
54tls-version-min 1.2
55;opt-verify
56
57script-security 2
58learn-address scripts/learn-address
59ccd-exclusive
60client-config-dir ccd
61tmp-dir tmp
62
63mute-replay-warnings
64verb 4
65
66keepalive 10 40
67persist-key
68persist-tun
69persist-local-ip
70
71comp-lzo adaptive
72push "comp-lzo adaptive"
73
74chroot /etc/openvpn/chroot