mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-12-04 15:14:06 +08:00
34cb9132ef
Suitable for mature project. root - administrative stuff doc - documents src - sources tests - tests distro - distro specific files sample - samples SIDE EFFECT: many changes to rpm spec. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Acked-by: Adriaan de Jong <dejong@fox-it.com> Signed-off-by: David Sommerseth <davids@redhat.com>
104 lines
2.9 KiB
Plaintext
Executable File
104 lines
2.9 KiB
Plaintext
Executable File
# Edit this file, and save to a .ovpn extension
|
|
# so that OpenVPN will activate it when run
|
|
# as a service.
|
|
|
|
# Change 'myremote' to be your remote host,
|
|
# or comment out to enter a listening
|
|
# server mode.
|
|
remote myremote
|
|
|
|
# Uncomment this line to use a different
|
|
# port number than the default of 1194.
|
|
; port 1194
|
|
|
|
# Choose one of three protocols supported by
|
|
# OpenVPN. If left commented out, defaults
|
|
# to udp.
|
|
; proto [tcp-server | tcp-client | udp]
|
|
|
|
# You must specify one of two possible network
|
|
# protocols, 'dev tap' or 'dev tun' to be used
|
|
# on both sides of the connection. 'tap' creates
|
|
# a VPN using the ethernet protocol while 'tun'
|
|
# uses the IP protocol. You must use 'tap'
|
|
# if you are ethernet bridging or want to route
|
|
# broadcasts. 'tun' is somewhat more efficient
|
|
# but requires configuration of client software
|
|
# to not depend on broadcasts. Some platforms
|
|
# such as Solaris, OpenBSD, and Mac OS X only
|
|
# support 'tun' interfaces, so if you are
|
|
# connecting to such a platform, you must also
|
|
# use a 'tun' interface on the Windows side.
|
|
|
|
# Enable 'dev tap' or 'dev tun' but not both!
|
|
dev tap
|
|
|
|
# This is a 'dev tap' ifconfig that creates
|
|
# a virtual ethernet subnet.
|
|
# 10.3.0.1 is the local VPN IP address
|
|
# and 255.255.255.0 is the VPN subnet.
|
|
# Only define this option for 'dev tap'.
|
|
ifconfig 10.3.0.1 255.255.255.0
|
|
|
|
# This is a 'dev tun' ifconfig that creates
|
|
# a point-to-point IP link.
|
|
# 10.3.0.1 is the local VPN IP address and
|
|
# 10.3.0.2 is the remote VPN IP address.
|
|
# Only define this option for 'dev tun'.
|
|
# Make sure to include the "tun-mtu" option
|
|
# on the remote machine, but swap the order
|
|
# of the ifconfig addresses.
|
|
;tun-mtu 1500
|
|
;ifconfig 10.3.0.1 10.3.0.2
|
|
|
|
# If you have fragmentation issues or misconfigured
|
|
# routers in the path which block Path MTU discovery,
|
|
# lower the TCP MSS and internally fragment non-TCP
|
|
# protocols.
|
|
;fragment 1300
|
|
;mssfix
|
|
|
|
# If you have set up more than one TAP-Win32 adapter
|
|
# on your system, you must refer to it by name.
|
|
;dev-node my-tap
|
|
|
|
# You can generate a static OpenVPN key
|
|
# by selecting the Generate Key option
|
|
# in the start menu.
|
|
#
|
|
# You can also generate key.txt manually
|
|
# with the following command:
|
|
# openvpn --genkey --secret key.txt
|
|
#
|
|
# key must match on both ends of the connection,
|
|
# so you should generate it on one machine and
|
|
# copy it to the other over a secure medium.
|
|
# Place key.txt in the same directory as this
|
|
# config file.
|
|
secret key.txt
|
|
|
|
# Uncomment this section for a more reliable
|
|
# detection when a system loses its connection.
|
|
# For example, dial-ups or laptops that travel
|
|
# to other locations.
|
|
#
|
|
# If this section is enabled and "myremote"
|
|
# above is a dynamic DNS name (i.e. dyndns.org),
|
|
# OpenVPN will dynamically "follow" the IP
|
|
# address of "myremote" if it changes.
|
|
; ping-restart 60
|
|
; ping-timer-rem
|
|
; persist-tun
|
|
; persist-key
|
|
; resolv-retry 86400
|
|
|
|
# keep-alive ping
|
|
ping 10
|
|
|
|
# enable LZO compression
|
|
comp-lzo
|
|
|
|
# moderate verbosity
|
|
verb 4
|
|
mute 10
|