|
|
@@ -0,0 +1,146 @@
|
|
|
+[stonevpn conf]
|
|
|
+# CA certificate file
|
|
|
+cacertfile = '/openvpn-pki/open/easy-rsa/keys/ca.crt'
|
|
|
+# CA private key file (make sure running user has read rights!)
|
|
|
+cakeyfile = '/openvpn-pki/open/easy-rsa/keys/ca.key'
|
|
|
+# This is needed to search for free IP-addresses
|
|
|
+openvpnconf = '/openvpn/openvpn/server.conf'
|
|
|
+# Search for free IP-adresses by parsing the files in this dir
|
|
|
+ccddir = '/openvpn/openvpn/ccd'
|
|
|
+# Temporary working dir (will be created if it doesn't exist)
|
|
|
+working = '/openvpn-pki/open/easy-rsa/client_keys'
|
|
|
+# OpenSSL configuration file
|
|
|
+opensslconf = '/openvpn-pki/open/easy-rsa/openssl.cnf.stonevpn'
|
|
|
+# push router ip (Only used with '--free-ip' parameter)
|
|
|
+pushrouter = '192.168.201.0'
|
|
|
+# Certificate Revocation List (CRL) file
|
|
|
+crlfile = '/openvpn-pki/open/easy-rsa/keys/stonevpn.crl'
|
|
|
+# if using password, which cipher method to use (openssl --help)
|
|
|
+cipher = 'des3'
|
|
|
+# prefix all files with:
|
|
|
+prefix = 'sds-'
|
|
|
+# For emailing generated files, specify SMTP server
|
|
|
+mail_server = '127.0.0.1'
|
|
|
+# Send CC to (leave blank (mail_cc = '') for none)
|
|
|
+mail_cc = 'admin@sdsys.ru'
|
|
|
+# Email 'From' address
|
|
|
+mail_from = 'stonevpn@sdsys.ru'
|
|
|
+# Mail body (HTML formatted), don't change keyword EMAILRECIPIENT
|
|
|
+mail_msg = "Hi EMAILRECIPIENT,<br><br>Attached with this e-mail are the generated configuration file and certificates for use with your VPN connection. PASSPHRASETXT If you have any questions, please contact <a href=mailto:support@sdsys.ru>support</a><br><br>Kind regards,<br><br>The Support department."
|
|
|
+# Text to include when specifying a passhprase. This will be inserted
|
|
|
+# in 'mail_msg' on placeholder PASSPRASETXT. If you don't use it, PASSPHRASETXT
|
|
|
+# will be blanked out. Also, don't change keyword OPENSSLPASS as this will be
|
|
|
+# replaced by the actual passphrase.
|
|
|
+mail_passtxt = '<br>For security purposes, your key is encrypted with this password:<p><b>OPENSSLPASS</b></p>You will be prompted for this password when establishing a connection.'
|
|
|
+
|
|
|
+[windows conf]
|
|
|
+# add options to be added to the configuration file here
|
|
|
+# it doesn't really matter what the variable's name is :)
|
|
|
+dev = 'dev tun'
|
|
|
+ip = 'remote gate41.infoclinica.ru'
|
|
|
+ip2 = 'remote gate42.infoclinica.ru'
|
|
|
+# uncomment the next 3 lines to add redundant routers:
|
|
|
+# remote-random
|
|
|
+resretry = 'resolv-retry 60'
|
|
|
+# ip2 = 'remote 23.45.67.89'
|
|
|
+port = 'port 1194'
|
|
|
+nobind = 'nobind'
|
|
|
+mssfix = 'mssfix 1300'
|
|
|
+client = 'client'
|
|
|
+tls = 'tls-client'
|
|
|
+# actually for the next 3 vars, the name _does_ matter since
|
|
|
+# we'll do some string replace stuff (to get the right filename)
|
|
|
+ca = 'ca cacertfile'
|
|
|
+cert = 'cert clientcertfile'
|
|
|
+key = 'key clientkeyfile'
|
|
|
+tlsauth = 'tls-auth ta.key 1'
|
|
|
+lzo = 'comp-lzo'
|
|
|
+ping = 'ping 10'
|
|
|
+pingrestart = 'ping-restart 30'
|
|
|
+pingtimer = 'ping-timer-rem'
|
|
|
+#persisttun = 'persist-tun'
|
|
|
+persistkey = 'persist-key'
|
|
|
+verb = 'verb 3'
|
|
|
+prot = 'proto udp'
|
|
|
+float = 'float'
|
|
|
+
|
|
|
+[unix conf]
|
|
|
+# add options to be added to the configuration file here
|
|
|
+# it doesn't really matter what the variable's name is :)
|
|
|
+dev = 'dev tun'
|
|
|
+ip = 'remote gate41.infoclinica.ru'
|
|
|
+ip2 = 'remote gate42.infoclinica.ru'
|
|
|
+# uncomment the next 3 lines to add redundant routers:
|
|
|
+# remote-random
|
|
|
+resretry = 'resolv-retry 60'
|
|
|
+# ip2 = 'remote 23.45.67.89'
|
|
|
+port = 'port 1194'
|
|
|
+nobind = 'nobind'
|
|
|
+mssfix = 'mssfix 1300'
|
|
|
+client = 'client'
|
|
|
+tls = 'tls-client'
|
|
|
+# actually for the next 3 vars, the name _does_ matter since
|
|
|
+# we'll do some string replace stuff (to get the right filename)
|
|
|
+ca = 'ca cacertfile'
|
|
|
+cert = 'cert clientcertfile'
|
|
|
+key = 'key clientkeyfile'
|
|
|
+tlsauth = 'tls-auth ta.key 1'
|
|
|
+lzo = 'comp-lzo'
|
|
|
+ping = 'ping 10'
|
|
|
+pingrestart = 'ping-restart 30'
|
|
|
+pingtimer = 'ping-timer-rem'
|
|
|
+#persisttun = 'persist-tun'
|
|
|
+persistkey = 'persist-key'
|
|
|
+verb = 'verb 3'
|
|
|
+prot = 'proto udp'
|
|
|
+float = 'float'
|
|
|
+
|
|
|
+
|
|
|
+[mac conf]
|
|
|
+# add options to be added to the configuration file here
|
|
|
+daemon = 'daemon'
|
|
|
+dev = 'dev tap'
|
|
|
+ip = 'remote gate32.sdsys.ru'
|
|
|
+# uncomment the next 3 lines to add redundant routers:
|
|
|
+# remote-random
|
|
|
+# resolv-retry 60
|
|
|
+# ip2 = 'remote 23.45.67.89'
|
|
|
+port = 'port 1194'
|
|
|
+mssfix = 'mssfix 1300'
|
|
|
+client = 'client'
|
|
|
+tlc = 'tls-client'
|
|
|
+# don't touch the next 3 var names:
|
|
|
+ca = 'ca /Library/openvpn/cacertfile'
|
|
|
+cert = 'cert /Library/openvpn/clientcertfile'
|
|
|
+key = 'key /Library/openvpn/clientkeyfile'
|
|
|
+tlsauth = 'tls-auth /Library/openvpn/ta.key 1'
|
|
|
+lzo = 'comp-lzo'
|
|
|
+ping = 'ping 10'
|
|
|
+pingrestart = 'ping-restart 30'
|
|
|
+pingtimer = 'ping-timer-rem'
|
|
|
+#persisttun = 'persist-tun'
|
|
|
+persistkey = 'persist-key'
|
|
|
+verb = 'verb 3'
|
|
|
+prot = 'proto udp'
|
|
|
+
|
|
|
+[android conf]
|
|
|
+# add options to be added to the configuration file here
|
|
|
+daemon = 'daemon'
|
|
|
+dev = 'dev tun'
|
|
|
+ip = 'remote web-gate.sdsys.ru'
|
|
|
+# uncomment the next 3 lines to add redundant routers:
|
|
|
+# remote-random
|
|
|
+# resolv-retry 60
|
|
|
+# ip2 = 'remote 23.45.67.89'
|
|
|
+port = 'port 1194'
|
|
|
+#mssfix = 'mssfix 1300'
|
|
|
+client = 'client'
|
|
|
+tlc = 'tls-client'
|
|
|
+lzo = 'comp-lzo'
|
|
|
+ping = 'ping 15'
|
|
|
+pingrestart = 'ping-restart 45'
|
|
|
+pingtimer = 'ping-timer-rem'
|
|
|
+#persisttun = 'persist-tun'
|
|
|
+persistkey = 'persist-key'
|
|
|
+verb = 'verb 3'
|
|
|
+prot = 'proto tcp'
|
Admin User