Changes between Version 1 and Version 2 of Ticket #990, comment 2


Ignore:
Timestamp:
01/18/18 13:52:20 (4 years ago)
Author:
deepsweet
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #990, comment 2

    v1 v2  
    55
    66{{{
    7 ###############################################################################
    8 # OpenVPN 2.0 Sample Configuration File
    9 #
    10 # !!! AUTO-GENERATED  !!!
    11 #
    12 # !!! YOU HAVE TO REVIEW IT BEFORE USE AND MODIFY IT AS NECESSARY !!!
    13 #
    14 # This configuration file is auto-generated. You might use this config file
    15 # However, before you try it, you should review the descriptions of the file
    16 # to determine the necessity to modify to suitable for your real environment.
    17 # If necessary, you have to modify a little adequately on the file.
    18 # For example, the IP address or the hostname as a destination VPN Server
    19 # should be confirmed.
    20 #
    21 # Note that to use OpenVPN 2.0, you have to put the certification file of
    22 # the destination VPN Server on the OpenVPN Client computer when you use this
    23 # config file. Please refer the below descriptions carefully.
    24 
    25 
    26 ###############################################################################
    27 # Specify the type of the layer of the VPN connection.
    28 #
    29 # To connect to the VPN Server as a "Remote-Access VPN Client PC",
    30 #  specify 'dev tun'. (Layer-3 IP Routing Mode)
    31 #
    32 # To connect to the VPN Server as a bridging equipment of "Site-to-Site VPN",
    33 #  specify 'dev tap'. (Layer-2 Ethernet Bridgine Mode)
    34 
    357dev tun
    36 
    37 
    38 ###############################################################################
    39 # Specify the underlying protocol beyond the Internet.
    40 # Note that this setting must be correspond with the listening setting on
    41 # the VPN Server.
    42 #
    43 # Specify either 'proto udp' or 'proto udp'.
    44 
    458proto udp
    46 
    47 
    48 ###############################################################################
    49 # The destination hostname / IP address, and port number of
    50 # the target VPN Server.
    51 #
    52 # You have to specify as 'remote <HOSTNAME> <PORT>'. You can also
    53 # specify the IP address instead of the hostname.
    54 #
    55 # Note that the auto-generated below hostname are a "auto-detected
    56 # IP address" of the VPN Server. You have to confirm the correctness
    57 # beforehand.
    58 #
    59 # When you want to connect to the VPN Server by using TCP protocol,
    60 # the port number of the destination TCP port should be same as one of
    61 # the available TCP listeners on the VPN Server.
    62 #
    63 # When you use UDP protocol, the port number must same as the configuration
    64 # setting of "OpenVPN Server Compatible Function" on the VPN Server.
    65 
    66 # Note: The below hostname is came from the Dynamic DNS Client function
    67 #       which is running on the VPN Server. If you don't want to use
    68 #       the Dynamic DNS hostname, replace it to either IP address or
    69 #       other domain's hostname.
    70 
    719remote some.vpn.server 443
    72 
    73 
    74 ###############################################################################
    75 # The HTTP/HTTPS proxy setting.
    76 #
    77 # Only if you have to use the Internet via a proxy, uncomment the below
    78 # two lines and specify the proxy address and the port number.
    79 # In the case of using proxy-authentication, refer the OpenVPN manual.
    80 
    8110;http-proxy-retry
    8211;http-proxy [proxy server] [proxy port]
    83 
    84 
    85 ###############################################################################
    86 # The encryption and authentication algorithm.
    87 #
    88 # Default setting is good. Modify it as you prefer.
    89 # When you specify an unsupported algorithm, the error will occur.
    90 #
    91 # The supported algorithms are as follows:
    92 #  cipher: [NULL-CIPHER] NULL AES-128-CBC AES-192-CBC AES-256-CBC BF-CBC
    93 #          CAST-CBC CAST5-CBC DES-CBC DES-EDE-CBC DES-EDE3-CBC DESX-CBC
    94 #          RC2-40-CBC RC2-64-CBC RC2-CBC
    95 #  auth:   SHA SHA1 MD5 MD4 RMD160 SHA256 SHA384 SHA512
    96 
    9712cipher AES-256-CBC
    9813auth SHA512
    9914#auth-nocache
    100 
    101 
    102 ###############################################################################
    103 # Other parameters necessary to connect to the VPN Server.
    104 #
    105 # It is not recommended to modify it unless you have a particular need.
    106 
    10715resolv-retry infinite
    10816nobind
     
    11119verb 3
    11220auth-user-pass userpass.txt
    113 
    11421verify-x509-name some.vpn.server name
    115 
    11622#remote-cert-tls server
    11723#remote-cert-ku f6
    118 
    11924dhcp-option DNS 1.2.3.4
    12025dhcp-option DNS 5.6.7.8
    121 
    122 #uncomment next line if you want your OpenVPN client to ignore DNS settings pushed from VPN server
    123 #pull-filter ignore "dhcp-option DNS "
    124 
    125 ###############################################################################
    126 # The certificate file of the destination VPN Server.
    127 #
    128 # The CA certificate file is embedded in the inline format.
    129 # You can replace this CA contents if necessary.
    130 # Please note that if the server certificate is not a self-signed, you have to
    131 # specify the signer's root certificate (CA) here.
    13226
    13327<ca>
     
    13731
    13832</ca>
    139 
    140 
    14133###############################################################################
    14234# The client certificate file (dummy).
     
    16254
    16355</key>
    164 
    16556}}}