public/fs/etc/openvpn/hostvpn.conf.in


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

port         @vpn_port@
proto        udp

dev          tun0
topology     subnet

cipher       AES-256-CBC

ca           /etc/easy-rsa/pki/ca.crt
cert         /etc/easy-rsa/pki/issued/@hostname@.crt

askpass      /srv/webroot/openvpn/@hostname@.pass
key          /etc/easy-rsa/pki/private/@hostname@.key
dh           /etc/easy-rsa/pki/dh.pem

status       /var/log/openvpn/openvpn-status.log
log-append   /var/log/openvpn/openvpn.log

server       @vpn_net4@ 255.255.255.0
server-ipv6  @host_ipv6@:8000::/65

push         "route-ipv6 2000::/3"
push         "route-ipv6 host_ipv6::/64"
push         "route 192.168.0.0 255.255.255.0"

push         "block-outside-dns"
push         "redirect-gateway def1"
push         "dhcp-option DNS @vpn_ipv4@"

duplicate-cn
client-to-client

daemon
auth-nocache

persist-key
persist-tun

verb          3
keepalive     20    60