1 | #Serveur |
---|
2 | verb 1 |
---|
3 | proto udp4 |
---|
4 | port 1492 |
---|
5 | server 10.31.0.0 255.255.255.0 |
---|
6 | mlock |
---|
7 | compress |
---|
8 | keepalive 10 60 |
---|
9 | log /var/log/openvpn-adsl.log |
---|
10 | |
---|
11 | #Authentification |
---|
12 | tls-server |
---|
13 | tls-version-min 1.2 |
---|
14 | key openvpn.key |
---|
15 | cert openvpn.crt |
---|
16 | ca ca.crt |
---|
17 | remote-cert-eku "TLS Web Client Authentication" |
---|
18 | |
---|
19 | #Chiffrement |
---|
20 | dh dh4096.pem |
---|
21 | ncp-ciphers "AES-256-GCM:AES-256-CBC" |
---|
22 | auth SHA512 #en mode GCM, utilisé seulement pour tls-crypt |
---|
23 | tls-crypt static.key |
---|
24 | |
---|
25 | #Configuration réseau |
---|
26 | dev tun |
---|
27 | topology subnet |
---|
28 | push "route 10.30.0.0 255.255.0.0 10.31.0.1" |
---|
29 | |
---|
30 | link-mtu 1464 |
---|