| 1 | #Serveur |
|---|
| 2 | verb 1 |
|---|
| 3 | proto udp4 |
|---|
| 4 | port 1492 |
|---|
| 5 | server 10.31.0.0 255.255.255.0 |
|---|
| 6 | mlock |
|---|
| 7 | compress |
|---|
| 8 | keepalive 10 60 |
|---|
| 9 | log /var/log/openvpn-adsl.log |
|---|
| 10 | |
|---|
| 11 | #Authentification |
|---|
| 12 | tls-server |
|---|
| 13 | tls-version-min 1.2 |
|---|
| 14 | key openvpn.key |
|---|
| 15 | cert openvpn.crt |
|---|
| 16 | ca ca.crt |
|---|
| 17 | remote-cert-eku "TLS Web Client Authentication" |
|---|
| 18 | |
|---|
| 19 | #Chiffrement |
|---|
| 20 | dh dh4096.pem |
|---|
| 21 | ncp-ciphers "AES-256-GCM:AES-256-CBC" |
|---|
| 22 | auth SHA512 #en mode GCM, utilisé seulement pour tls-crypt |
|---|
| 23 | tls-crypt static.key |
|---|
| 24 | |
|---|
| 25 | #Configuration réseau |
|---|
| 26 | dev tun |
|---|
| 27 | topology subnet |
|---|
| 28 | push "route 10.30.0.0 255.255.0.0 10.31.0.1" |
|---|
| 29 | |
|---|
| 30 | link-mtu 1464 |
|---|
