-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.conf
46 lines (31 loc) · 950 Bytes
/
server.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# this is a server configuration file
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
# this option is used only when running a DNS-sinkhole (Pihole) on the same machine
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.8.0.1"
# this options are used when there is no a DNS-server alongside the access server
# push "redirect-gateway def1 bypass-dhcp"
# push "dhcp-option DNS 208.67.222.222"
# push "dhcp-option DNS 208.67.220.220"
# this option is also necessary for the access server to work with Pihole properly
topology subnet
keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
verb 4
explicit-exit-notify 1