-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathsum-ca-ocserv.conf
41 lines (41 loc) · 1019 Bytes
/
sum-ca-ocserv.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#sed '/^#/d;/^$/d' /etc/ocserv/ocserv.conf > sum-ca-ocserv.conf
auth = "certificate"
isolate-workers = false
max-clients = 160
#同帐号登录不限制
max-same-clients = 0
tcp-port = 999
keepalive = 32400
dpd = 90
mobile-dpd = 600
try-mtu-discovery = true
server-cert = /etc/ocserv/server-cert.pem
server-key = /etc/ocserv/server-key.pem
ca-cert = /etc/ocserv/ca-cert.pem
cert-user-oid = 2.5.4.3
crl = /etc/ocserv/crl.pem
compression = true
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT:-VERS-SSL3.0"
auth-timeout = 60
idle-timeout = 1200
mobile-idle-timeout = 2400
cookie-timeout = 300
deny-roaming = false
rekey-time = 172800
rekey-method = ssl
use-utmp = true
use-occtl = true
pid-file = /var/run/ocserv.pid
socket-file = /var/run/ocserv-socket
run-as-user = nobody
run-as-group = nogroup
device = vpns
predictable-ips = true
#服务器域名或者ip
default-domain = 1.2.3.4
ipv4-network = 192.168.10.0
ipv4-netmask = 255.255.255.0
dns = 8.8.4.4
dns = 8.8.8.8
ping-leases = false
cisco-client-compat = true