applications/luci-app-openvpn/root/etc/config/openvpn_recipes


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101

#
# Routed point-to-point server
#
config openvpn_recipe server_tun_ptp
	option _description	'Simple server configuration for a routed point-to-point VPN'
	option _role		'server'
	option dev		'tun'
	option ifconfig		'10.0.0.1 10.0.0.2'
	option secret		'shared-secret.key'
	option keepalive	'10 60'
	option comp_lzo		'yes'
	option verb		'3'
	option mssfix		'1420'

#
# Routed point-to-point client
#
config openvpn_recipe client_tun_ptp
	option _description	'Simple client configuration for a routed point-to-point VPN'
	option _role		'client'
	option dev		'tun'
	list remote		'vpnserver.example.org'
	option ifconfig		'10.0.0.2 10.0.0.1'
	option secret		'shared-secret.key'
	option nobind		'1'
	option comp_lzo		'yes'
	option verb		'3'

#
# Routed multi-client server
#
config openvpn_recipe server_tun
	option _description	'Server configuration for a routed multi-client VPN'
	option _role		'server'
	option dev		'tun'
	option server		'10.0.100.0 255.255.255.0'
	option ca		'ca.crt'
	option cert		'server.crt'
	option key 		'server.key'
	option dh 		'dh1024.pem'
	option keepalive	'10 60'
	option comp_lzo		'yes'
	option verb		'3'
	option mssfix		'1420'

#
# Routed client
#
config openvpn_recipe client_tun
	option _description	'Client configuration for a routed multi-client VPN'
	option _role		'client'
	option client		'1'
	option dev		'tun'
	list remote		'vpnserver.example.org'
	option pkcs12		'my_client.p12'
	option remote_cert_tls	'server'
	option comp_lzo		'yes'
	option nobind		'1'
	option persist_key	'1'
	option persist_tun	'1'
	option verb		'3'
	option reneg_sec	'0'
	option float		'1'

#
# Multi-client ethernet bridge server
#
config openvpn_recipe server_tap_bridge
	option _description	'Server configuration for an ethernet bridge VPN'
	option _role		'server'
	option dev		'tap'
	option server_bridge	'192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254'
	option ca		'ca.crt'
	option cert		'server.crt'
	option key 		'server.key'
	option dh 		'dh1024.pem'
	option keepalive	'10 60'
	option comp_lzo		'yes'
	option verb		'3'
	option mssfix		'1420'

#
# Ethernet bridge client
#
config openvpn_recipe client_tap_bridge
	option _description	'Client configuration for an ethernet bridge VPN'
	option _role		'client'
	option client		'1'
	option dev 		'tap'
	list remote		'vpnserver.example.org'
	option ca 		'ca.crt'
	option cert		'my_client.crt'
	option key 		'my_client.key'
	option dh 		'dh1024.pem'
	option remote_cert_tls	'server'
	option comp_lzo		'yes'
	option nobind		'1'
	option persist_key	'1'
	option verb		'3'
	option reneg_sec	'0'
	option float		'1'