Home Explore Help
Sign In
iru
/
openvpn
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: e1bc03d6a3
Branches Tags
openvpn
/
stonevpn.conf

stonevpn.conf 4.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 
  1. [stonevpn conf]
    2. 

  2. # CA certificate file
    3. 

  3. cacertfile = '/openvpn-pki/open/easy-rsa/keys/ca.crt'
    4. 

  4. # CA private key file (make sure running user has read rights!)
    5. 

  5. cakeyfile = '/openvpn-pki/open/easy-rsa/keys/ca.key'
    6. 

  6. # This is needed to search for free IP-addresses
    7. 

  7. openvpnconf = '/openvpn/openvpn/server.conf'
    8. 

  8. # Search for free IP-adresses by parsing the files in this dir
    9. 

  9. ccddir = '/openvpn/openvpn/ccd'
    10. 

  10. # Temporary working dir (will be created if it doesn't exist)
    11. 

  11. working = '/openvpn-pki/open/easy-rsa/client_keys'
    12. 

  12. # OpenSSL configuration file
    13. 

  13. opensslconf = '/openvpn-pki/open/easy-rsa/openssl.cnf.stonevpn'
    14. 

  14. # push router ip (Only used with '--free-ip' parameter) 
    15. 

  15. pushrouter = '192.168.201.0'
    16. 

  16. # Certificate Revocation List (CRL) file
    17. 

  17. crlfile = '/openvpn-pki/open/easy-rsa/keys/stonevpn.crl'
    18. 

  18. # if using password, which cipher method to use (openssl --help)
    19. 

  19. cipher = 'des3'
    20. 

  20. # prefix all files with:
    21. 

  21. prefix = 'sds-'
    22. 

  22. # For emailing generated files, specify SMTP server
    23. 

  23. mail_server = '127.0.0.1'
    24. 

  24. # Send CC to (leave blank (mail_cc = '') for none)
    25. 

  25. mail_cc = 'admin@sdsys.ru'
    26. 

  26. # Email 'From' address 
    27. 

  27. mail_from = 'stonevpn@sdsys.ru'
    28. 

  28. # Mail body (HTML formatted), don't change keyword EMAILRECIPIENT
    29. 

  29. mail_msg = "Hi EMAILRECIPIENT,<br><br>Attached with this e-mail are the generated configuration file and certificates for use with your VPN connection. PASSPHRASETXT If you have any questions, please contact <a href=mailto:support@sdsys.ru>support</a><br><br>Kind regards,<br><br>The Support department."
    30. 

  30. # Text to include when specifying a passhprase. This will be inserted 
    31. 

  31. # in 'mail_msg' on placeholder PASSPRASETXT. If you don't use it, PASSPHRASETXT
    32. 

  32. # will be blanked out. Also, don't change keyword OPENSSLPASS as this will be 
    33. 

  33. # replaced by the actual passphrase.
    34. 

  34. mail_passtxt = '<br>For security purposes, your key is encrypted with this password:<p><b>OPENSSLPASS</b></p>You will be prompted for this password when establishing a connection.'
    35. 

  35. 

  36. [windows conf]
    37. 

  37. # add options to be added to the configuration file here
    38. 

  38. # it doesn't really matter what the variable's name is :)
    39. 

  39. dev = 'dev tun'
    40. 

  40. ip = 'remote gate41.infoclinica.ru'
    41. 

  41. ip2 = 'remote gate42.infoclinica.ru'
    42. 

  42. # uncomment the next 3 lines to add redundant routers:
    43. 

  43. # remote-random
    44. 

  44. resretry = 'resolv-retry 60'
    45. 

  45. # ip2 = 'remote 23.45.67.89'
    46. 

  46. port = 'port 1194'
    47. 

  47. nobind = 'nobind'
    48. 

  48. mssfix = 'mssfix 1300'
    49. 

  49. client = 'client'
    50. 

  50. tls = 'tls-client'
    51. 

  51. # actually for the next 3 vars, the name _does_ matter since
    52. 

  52. # we'll do some string replace stuff (to get the right filename)
    53. 

  53. ca = 'ca cacertfile'
    54. 

  54. cert = 'cert clientcertfile'
    55. 

  55. key = 'key clientkeyfile'
    56. 

  56. tlsauth = 'tls-auth ta.key 1'
    57. 

  57. lzo = 'comp-lzo'
    58. 

  58. ping = 'ping 10'
    59. 

  59. pingrestart = 'ping-restart 30'
    60. 

  60. pingtimer = 'ping-timer-rem'
    61. 

  61. #persisttun = 'persist-tun'
    62. 

  62. persistkey = 'persist-key'
    63. 

  63. verb = 'verb 3'
    64. 

  64. prot = 'proto udp'
    65. 

  65. float = 'float'
    66. 

  66. 

  67. [unix conf]
    68. 

  68. # add options to be added to the configuration file here
    69. 

  69. # it doesn't really matter what the variable's name is :)
    70. 

  70. dev = 'dev tun'
    71. 

  71. ip = 'remote gate41.infoclinica.ru'
    72. 

  72. ip2 = 'remote gate42.infoclinica.ru'
    73. 

  73. # uncomment the next 3 lines to add redundant routers:
    74. 

  74. # remote-random
    75. 

  75. resretry = 'resolv-retry 60'
    76. 

  76. # ip2 = 'remote 23.45.67.89'
    77. 

  77. port = 'port 1194'
    78. 

  78. nobind = 'nobind'
    79. 

  79. mssfix = 'mssfix 1300'
    80. 

  80. client = 'client'
    81. 

  81. tls = 'tls-client'
    82. 

  82. # actually for the next 3 vars, the name _does_ matter since
    83. 

  83. # we'll do some string replace stuff (to get the right filename)
    84. 

  84. ca = 'ca cacertfile'
    85. 

  85. cert = 'cert clientcertfile'
    86. 

  86. key = 'key clientkeyfile'
    87. 

  87. tlsauth = 'tls-auth ta.key 1'
    88. 

  88. lzo = 'comp-lzo'
    89. 

  89. ping = 'ping 10'
    90. 

  90. pingrestart = 'ping-restart 30'
    91. 

  91. pingtimer = 'ping-timer-rem'
    92. 

  92. #persisttun = 'persist-tun'
    93. 

  93. persistkey = 'persist-key'
    94. 

  94. verb = 'verb 3'
    95. 

  95. prot = 'proto udp'
    96. 

  96. float = 'float'
    97. 

  97. 

  98. 

  99. [mac conf]
    100. 

  100. # add options to be added to the configuration file here
    101. 

  101. daemon = 'daemon'
    102. 

  102. dev = 'dev tap'
    103. 

  103. ip = 'remote gate32.sdsys.ru'
    104. 

  104. # uncomment the next 3 lines to add redundant routers:
    105. 

  105. # remote-random
    106. 

  106. # resolv-retry 60
    107. 

  107. # ip2 = 'remote 23.45.67.89'
    108. 

  108. port = 'port 1194'
    109. 

  109. mssfix = 'mssfix 1300'
    110. 

  110. client = 'client'
    111. 

  111. tlc = 'tls-client'
    112. 

  112. # don't touch the next 3 var names:
    113. 

  113. ca = 'ca /Library/openvpn/cacertfile'
    114. 

  114. cert = 'cert /Library/openvpn/clientcertfile'
    115. 

  115. key = 'key /Library/openvpn/clientkeyfile'
    116. 

  116. tlsauth = 'tls-auth /Library/openvpn/ta.key 1'
    117. 

  117. lzo = 'comp-lzo'
    118. 

  118. ping = 'ping 10'
    119. 

  119. pingrestart = 'ping-restart 30'
    120. 

  120. pingtimer = 'ping-timer-rem'
    121. 

  121. #persisttun = 'persist-tun'
    122. 

  122. persistkey = 'persist-key'
    123. 

  123. verb = 'verb 3'
    124. 

  124. prot = 'proto udp'
    125. 

  125. 

  126. [android conf]
    127. 

  127. # add options to be added to the configuration file here
    128. 

  128. daemon = 'daemon'
    129. 

  129. dev = 'dev tun'
    130. 

  130. ip = 'remote web-gate.sdsys.ru'
    131. 

  131. # uncomment the next 3 lines to add redundant routers:
    132. 

  132. # remote-random
    133. 

  133. # resolv-retry 60
    134. 

  134. # ip2 = 'remote 23.45.67.89'
    135. 

  135. port = 'port 1194'
    136. 

  136. #mssfix = 'mssfix 1300'
    137. 

  137. client = 'client'
    138. 

  138. tlc = 'tls-client'
    139. 

  139. lzo = 'comp-lzo'
    140. 

  140. ping = 'ping 15'
    141. 

  141. pingrestart = 'ping-restart 45'
    142. 

  142. pingtimer = 'ping-timer-rem'
    143. 

  143. #persisttun = 'persist-tun'
    144. 

  144. persistkey = 'persist-key'
    145. 

  145. verb = 'verb 3'
    146. 

  146. prot = 'proto tcp'
    147.