OPENVPN - Client Config Template

From Wiki.IT-Arts.net
Revision as of 19:33, 27 March 2020 by imported>Z (Created page with "Category:Public_Pages <nowiki> ##### Mode client ##### Server Address / Port remote V.W.X.Y 443 ##### Encryption cipher AES-256-CBC auth SHA256 ##### Compression comp...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)


##### Mode
client

##### Server Address / Port
remote V.W.X.Y 443

##### Encryption
cipher AES-256-CBC
auth SHA256

##### Compression
comp-lzo yes

##### Interface
dev tun

##### Protocol tcp/udp
proto tcp

#####
nobind

#####
persist-key
persist-tun

##### OpenVPN Process User (not on windows!)
user nobody
group nogroup

##### Authentication
auth-user-pass auth.nfo
auth-nocache

##### TA key direction (see server config file)
key-direction 1

##### Retry to connect every...
resolv-retry 20

##### Script credentials & security level
# script-security 2

##### Script to invoke at VPN start
# up ovpn-startup.sh



<ca>
-----BEGIN CERTIFICATE-----
MIIGvTCCBKWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmjELMAkGA1UEBhMCRlIx
...
...
...
ACeykGxB+El7Oag8Qbki4USc5v9H/PqtnkBq1CXFfu+KR8/vzu6isjWiGf7gxjoP
3g==
-----END CERTIFICATE-----
</ca>


<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
1a480e753f430bb81e75d93135134d17
...
...
...
d388c5b8370a946aeba034ce3085faf0
-----END OpenVPN Static key V1-----
</tls-auth>


<key>
-----BEGIN PRIVATE KEY-----
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDEX+yiM5ev8r6C
M4ZL2GFXDI15HS2EGLrQsbc/IRsaPiiK4xEwGLYUF+xn+DRVltC5oiJS0bc2afPc
...
...
...
C5Pp1PhyC2sjVHsOdsvSZbA/zJnewcpQt+q7aLFTPx1C1+qZueC6WX2WpGtCcptj
gUiXQSGfwL7uTJIPdort6hU4brTwzGQQ
-----END PRIVATE KEY-----
</key>


<cert>
-----BEGIN CERTIFICATE-----
MIIHGCCBQKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBmjELMAkGA1UEBhMCRlIx
...
...
...
hejiL++1LFmFKRxXkor0/rHU0/v9iQ9Ica5e+uJiM9xYMvRrer/4xiOqJlSEuQ==
-----END CERTIFICATE-----
</cert>