| | 1 | = OpenVPN Configuration file for CSLab VPN Server = |
| | 2 | |
| | 3 | === General server parameters === |
| | 4 | {{{ |
| | 5 | #daemon # Linux ONLY |
| | 6 | mode p2p |
| | 7 | remote 147.102.3.30 5000 |
| | 8 | proto udp |
| | 9 | dev tap |
| | 10 | }}} |
| | 11 | === Keep alive settings === |
| | 12 | {{{ |
| | 13 | persist-tun |
| | 14 | persist-key |
| | 15 | }}} |
| | 16 | |
| | 17 | === Security context === |
| | 18 | {{{ |
| | 19 | mlock # Linux ONLY |
| | 20 | user nobody # Linux ONLY |
| | 21 | group nogroup # Linux ONLY |
| | 22 | }}} |
| | 23 | === Logging === |
| | 24 | {{{ |
| | 25 | verb 3 |
| | 26 | comp-lzo |
| | 27 | }}} |
| | 28 | === Routing at the client side. Redirects *all* traffic to VPN (default gateway) === |
| | 29 | {{{ |
| | 30 | client |
| | 31 | route-delay 0 60 |
| | 32 | #redirect-gateway # (αν θέλουμε default gw το cslab) |
| | 33 | route remote_host 255.255.255.255 net_gateway # (για να βλέπουμε τον 147.102.3.30) |
| | 34 | #route-gateway 147.102.3.200 |
| | 35 | #route 0.0.0.0 0.0.0.0 vpn_gateway |
| | 36 | route-method exe |
| | 37 | #show-net-up |
| | 38 | float |
| | 39 | }}} |
| | 40 | === SSL/TLS settings === |
| | 41 | {{{ |
| | 42 | tls-client |
| | 43 | ca cslab-ca-cert.pem |
| | 44 | cert cslab-vpn-USER.cert |
| | 45 | key cslab-vpn-USER.key |
| | 46 | |
| | 47 | tls-auth keys/cslab/cslab-vpn-static.txt |
| | 48 | }}} |
| | 49 | === Validate the CN of the server certificate, to prevent man-in-the-middle attacks === |
| | 50 | `tls-remote transporter.cslab.ece.ntua.gr` |
| | 51 | |
| | 52 | === non-default cipher, must be set at all clients === |
| | 53 | `cipher AES-256-CBC` |
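Review bot: The server-identity check on line 50 relies on `tls-remote`, which later OpenVPN releases deprecated and then removed, so a newer client will either reject this config or, if the line is simply deleted to get it running, connect without checking the server's CN at all. I would replace it with `verify-x509-name transporter.cslab.ece.ntua.gr name` and add `remote-cert-tls server`, so the peer certificate must also be marked for server use. Two headings also disagree with the directives under them: the routing heading on line 28 says all traffic is redirected to the VPN while `redirect-gateway` is commented out on line 32, and `comp-lzo` on line 26 sits under "Logging" although it enables compression. The page may continue past the last visible line.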