OpenVPN. Configuration file
If OpenVPN is started automatically, the configuration file extension is:
*.conf for Linux, *.ovpn for Windows
and the file location is:
Windows: "C:\Program Files\OpenVPN\config\"
Linux: /etc/openvpn

In the config file:

CLIENT/SERVER DESIGNATION:
SERVER: Doesn't need anything
CLIENT:

# SERVER IP ADDRESS
remote 100.0.0.1
#

TUNNEL MODE:
TUN or TAP tunnel.

# ETHERNET OR IP TUNNEL
# "dev tun" will create a routed IP tunnel
dev tun
# "dev tap" will create an Ethernet tunnel
;dev tap
# use "dev tun" or "dev tap" but not both
# (the alternative is disabled here with a leading ";")

TUNNEL PORT:

# TCP OR UDP TUNNEL
# TCP tunnel
;proto tcp
# UDP tunnel is recommended
proto udp
# use TCP or UDP but not both
# (the alternative is disabled here with a leading ";")
#
# TCP OR UDP PORT
port 1194

OpenVPN security:
Transparent tunnel:
OpenVPN just tunnels the data without authentication, confidentiality, or integrity. In other words, there are no security checks whatsoever, and the data can be read as it passes through the tunnel.

# Client AND Server configs
# No integrity (hash function
# algorithm)
auth none
# No encryption (cipher algorithm)
cipher none

Preshared keys:

# PRESHARED KEYS
# ("secret" is the OpenVPN directive that loads a static key file)
# Linux system
secret /home/user/openvpn/key.txt
# Windows system
secret "C:\\Program Files\\OpenVPN\\config\\key.txt"

SSL/TLS:
Server:

# SSL/TLS SERVER
tls-server

Client:

# SSL/TLS CLIENT
tls-client

Certificates and public keys:
Server:

# CERTIFICATES AND PRIVATE KEY
# Authority certificate (CA public key);
# this is the CA certificate, never the CA private key
ca ca.crt
# Server certificate (server public key)
cert server.crt
# Server private key
key server.key

Client:

# CERTIFICATES AND PRIVATE KEY
# Authority certificate (CA public key);
# this is the CA certificate, never the CA private key
ca ca.crt
# Client certificate (client public key)
cert client.crt
# Client private key
key client.key

Diffie-Hellman (DH) settings:
Server:

# Diffie-Hellman settings
dh dh1024.pem

Client:

# No DH setting on the client
#

CIPHER ALGORITHM
Server and Client:

# CIPHER ALGORITHM
cipher AES-256-CBC

HASH FUNCTION ALGORITHM
Server and Client:

# HASH FUNCTION ALGORITHM
auth MD5

IP ADDRESSES:
Static IP:
Server:

# IP ADDRESSING
# IP mode example: use subnet mask 30 (routing)
# Server IP: 10.8.0.1 ; Client IP: 10.8.0.2
ifconfig 10.8.0.1 10.8.0.2
# Bridge mode example
# Server IP: 10.8.0.1
;ifconfig 10.8.0.1 255.255.255.0
# Use bridged or routed settings but not
# both (the alternative is disabled here with a leading ";")
# Client and Server must use the same
# tunnel mode

Client:

# IP ADDRESSING
# IP mode example:
# Server IP: 10.8.0.1 ; Client IP: 10.8.0.2
ifconfig 10.8.0.2 10.8.0.1
# Bridge mode example
# Client IP: 10.8.0.2
;ifconfig 10.8.0.2 255.255.255.0
# Use bridged or routed settings but not
# both (the alternative is disabled here with a leading ";")
# Client and Server must use the same
# tunnel mode

DHCP:
Server:

# DHCP SETTINGS
# DHCP range
# Server will take the first IP address
server 10.8.0.0 255.255.255.0

Client:

# CLIENT ACCEPTS SERVER OPTIONS
# The client should accept options pushed
# by the server
pull

Run:

# openvpn path-to-config-file
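
As an added example (not part of the original post), a small Python linter that reads an OpenVPN config and flags the weak settings that appear in this walk-through: `auth none`, `cipher none`, `auth MD5`, a preshared static key (`secret`), and a DH file smaller than 2048 bits. The function names, the MD5 policy, the 2048-bit threshold and the sample config are assumptions made for illustration.

```python
import re

# Constructed sample config combining the weakest settings from the walk-through.
SAMPLE = """\
remote 100.0.0.1
dev tun
proto udp
;proto tcp
auth MD5          # hash function
cipher none
secret /home/user/openvpn/key.txt
dh dh1024.pem
"""

WEAK_DIGESTS = {"md5"}   # assumption: digests this policy rejects for HMAC
MIN_DH_BITS = 2048       # assumption: smallest DH group this policy accepts


def directives(text):
    """Yield (line_number, name, args) for every active directive."""
    for number, raw in enumerate(text.splitlines(), 1):
        # '#' and ';' start a comment at line start or after whitespace.
        active = re.split(r"(?:^|\s)[#;]", raw, maxsplit=1)[0].split()
        if active:
            yield number, active[0].lower(), active[1:]


def lint(text):
    """Return a list of (line_number, directive, finding) tuples."""
    findings = []
    for number, name, args in directives(text):
        value = args[0].lower() if args else ""
        if name == "auth" and value == "none":
            findings.append((number, name, "packets are not authenticated"))
        elif name == "auth" and value in WEAK_DIGESTS:
            findings.append((number, name, f"weak HMAC digest {args[0]}"))
        elif name == "cipher" and value == "none":
            findings.append((number, name, "tunnel is not encrypted"))
        elif name == "secret":
            findings.append((number, name, "static key mode: no forward secrecy"))
        elif name == "dh":
            bits = re.search(r"dh(\d+)", value)  # size guessed from the file name
            if bits and int(bits.group(1)) < MIN_DH_BITS:
                findings.append((number, name, f"{bits.group(1)}-bit DH group"))
    return findings


if __name__ == "__main__":
    print(*lint(SAMPLE), sep="\n")
```

The DH check only reads the number in the file name; `openssl dhparam -in <file> -text -noout` shows the real parameter size.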
Thanks for reading
to be continued - I will update more.