mirror of
https://github.com/pivpn/pivpn.git
synced 2024-12-18 19:00:15 +00:00
Phase 2 (of 3?): server.conf modifications for easy-rsa3
This commit is contained in:
Kaladin Light
parent
0b96cae1a3
commit
34e6e078e5
1 changed files with 8 additions and 7 deletions
|
|
@ -1,10 +1,11 @@
|
||||||
dev tun
|
dev tun
|
||||||
proto udp
|
proto udp
|
||||||
port 1194
|
port 1194
|
||||||
ca /etc/openvpn/easy-rsa/keys/ca.crt
|
ca /etc/openvpn/easy-rsa/pki/ca.crt
|
||||||
cert /etc/openvpn/easy-rsa/keys/server.crt
|
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
|
||||||
key /etc/openvpn/easy-rsa/keys/server.key
|
key /etc/openvpn/easy-rsa/pki/private/server.key
|
||||||
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
|
dh /etc/openvpn/easy-rsa/pki/dh1024.pem
|
||||||
|
topology subnet
|
||||||
server 10.8.0.0 255.255.255.0
|
server 10.8.0.0 255.255.255.0
|
||||||
# server and remote endpoints
|
# server and remote endpoints
|
||||||
ifconfig 10.8.0.1 10.8.0.2
|
ifconfig 10.8.0.1 10.8.0.2
|
||||||
|
|
@ -25,7 +26,7 @@ client-to-client
|
||||||
duplicate-cn
|
duplicate-cn
|
||||||
keepalive 10 120
|
keepalive 10 120
|
||||||
tls-version-min 1.2
|
tls-version-min 1.2
|
||||||
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
|
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
|
||||||
cipher AES-256-CBC
|
cipher AES-256-CBC
|
||||||
auth SHA256
|
auth SHA256
|
||||||
comp-lzo
|
comp-lzo
|
||||||
|
|
@ -33,8 +34,8 @@ user nobody
|
||||||
group nogroup
|
group nogroup
|
||||||
persist-key
|
persist-key
|
||||||
persist-tun
|
persist-tun
|
||||||
#crl-verify /etc/openvpn/crl.pem
|
#crl-verify /etc/openvpn/easy-rsa/pki/crl.pem
|
||||||
status /var/log/openvpn-status.log 20
|
status /var/log/openvpn-status.log 20
|
||||||
log /var/log/openvpn.log
|
log /var/log/openvpn.log
|
||||||
verb 1
|
verb 1
|
||||||
# This configuration file was originally written by Lauren Orsini at ReadWrite.
|
# Generated for use by PiVPN.io
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue