Sitemap

This is an old revision of the document!

Simple configuration

Server side

 port 1011
 proto udp
 dev tun1
 daemon
 writepid /var/run/openvpn.pid
 ca /etc/openvpn/certs/ca.pem
 cert /etc/openvpn/certs/cert.pem
 key /etc/openvpn/certs/.key
 dh /etc/openvpn/certs/dh1024.pem
 server 192.168.240.8 255.255.255.248
 client-config-dir /etc/openvpn/ccd
 ccd-exclusive
 push "route 10.10.50.32 255.255.255.224"
 client-to-client
 keepalive 10 120
 comp-lzo
 tls-auth /etc/openvpn/certs/ta.key 0 # This file is secret
 cipher AES-256-CBC        
 max-clients 5
 user nobody
 group nogroup
 persist-key
 persist-tun
 log     /var/log/openvpn/vpn.log
 status  /var/log/openvpn/vpn.status
 verb 4
 mute 10

# To create the dh512.pem or dh1024.pem:

      % # openssl gendh -rand rand.dat -out dh1024.pem
      % openssl dhparam -check -text -5 512     -out   dh512.pem
      % openssl dhparam -check -text -5 1024  -out  dh1024.pem