Initial commit
This commit is contained in:
205
FLR-BRB/openvpn/home-flr/juergen.conf
Normal file
205
FLR-BRB/openvpn/home-flr/juergen.conf
Normal file
@ -0,0 +1,205 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-flr.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDzjCCAzegAwIBAgIJAPf/MOnEeNJTMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczEPMA0GA1UEAxMG
|
||||
VlBOLUNBMRQwEgYDVQQpEwtWUE4tRkxSLUJSQjEdMBsGCSqGSIb3DQEJARYOYXJn
|
||||
dXNAb29wZW4uZGUwHhcNMTIxMTExMTgyMzU5WhcNMzIxMTA2MTgyMzU5WjCBoTEL
|
||||
MAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8w
|
||||
DQYDVQQKEwZvLm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxDzANBgNV
|
||||
BAMTBlZQTi1DQTEUMBIGA1UEKRMLVlBOLUZMUi1CUkIxHTAbBgkqhkiG9w0BCQEW
|
||||
DmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIdp+t
|
||||
lUB/nx3JqiZiBEkyTK2m+uH/hes4wYTpmbRY2x1YJtwQegX/sfxuu0n1xA42gON0
|
||||
eOBc2v/MmKzrGP+VP2VxWBhR/VnJsPeFTJJvD6ioM+jc9xNeZFNgHibRw4vzipyK
|
||||
ALQJK6gJ3COvhb3YWOul3njUGgZZkaikPMuTQQIDAQABo4IBCjCCAQYwHQYDVR0O
|
||||
BBYEFFb+8DvjraReG34P1h/k6dWObxLWMIHWBgNVHSMEgc4wgcuAFFb+8DvjraRe
|
||||
G34P1h/k6dWObxLWoYGnpIGkMIGhMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
|
||||
bGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQ
|
||||
bmV0d29yayBzZXJ2aWNlczEPMA0GA1UEAxMGVlBOLUNBMRQwEgYDVQQpEwtWUE4t
|
||||
RkxSLUJSQjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQD3/zDpxHjS
|
||||
UzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBADPFDfqCtYtsS/NxGVYc
|
||||
hgxKsA9S/kBifNbde0e6nmPBgufW+O3uPrkvg7Wx2EayxMhX/dVrAYm8NSNCdWXV
|
||||
5ra0lu6cTI8rwWt404e0F/o0v6u+5eWHFxSF0lDJIVhwvvVoiAUJQw8h+BlI5PYO
|
||||
JcHZCQoQE1/RE6Xp+0xgTXvW
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEuTCCBCKgAwIBAgIBEjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxDzANBgNVBAMTBlZQTi1DQTEU
|
||||
MBIGA1UEKRMLVlBOLUZMUi1CUkIxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVu
|
||||
LmRlMB4XDTE3MTAyNDAxMzQzM1oXDTI3MTAyMjAxMzQzM1owga4xCzAJBgNVBAYT
|
||||
AkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMG
|
||||
by5vcGVuMRkwFwYDVQQLExBuZXR3b3JrIHNlcnZpY2VzMRwwGgYDVQQDExNWUE4t
|
||||
RkxSLUJSQi1qdWVyZ2VuMRQwEgYDVQQpEwtWUE4gRkxSLUJSQjEdMBsGCSqGSIb3
|
||||
DQEJARYOYXJndXNAb29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
|
||||
AoIBAQCbcT8YKpUSZXTqr+4DmcrBRImukIl/TuDzNiLCtXmQmXPQ7BxpfQAqpki2
|
||||
/xKdqMD9zz9UKemwej3J6GZu2GpeXmDFiOGWxNDyjzB2n32hg9jLztl7K5yImyS/
|
||||
WJyhDhkfVkvSlSDFY2aONywpbyOSkKTwoQMba7+lHzGcK1ogGeqLFtKPPymhp7Hw
|
||||
hrSlxDT81Sgdoyrck4Q3ERrWdV9MlFYjJ+mSVc0LF44YRP+HuZD/BjyMZM245dWS
|
||||
Me5AM7XsXNURgmBXMvvZYhlqOmodPJ300RAf3Bm+LHwKuJsx5CHyIP9+Q8mLJKny
|
||||
Ryww6VlKiB0HasdI2466pDl5cmjxAgMBAAGjggFsMIIBaDAJBgNVHRMEAjAAMC0G
|
||||
CWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYD
|
||||
VR0OBBYEFBD13+ToD3+TqfZlR+sVdmtWguBBMIHWBgNVHSMEgc4wgcuAFFb+8Dvj
|
||||
raReG34P1h/k6dWObxLWoYGnpIGkMIGhMQswCQYDVQQGEwJERTEPMA0GA1UECBMG
|
||||
QmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UE
|
||||
CxMQbmV0d29yayBzZXJ2aWNlczEPMA0GA1UEAxMGVlBOLUNBMRQwEgYDVQQpEwtW
|
||||
UE4tRkxSLUJSQjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQD3/zDp
|
||||
xHjSUzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEgYDVR0RBAsw
|
||||
CYIHanVlcmdlbjANBgkqhkiG9w0BAQsFAAOBgQAyqNVmA6YQXmkLSqYklZ0ZHu5S
|
||||
07URoL3ouY0NGoOzG7zTsnaPYcqp7gYNfW6Bs6J0hc9kmh95aWEfj+EcL15OQ6wP
|
||||
8W4ei0pbNNPoKem851DYiDbFA5FTbh5khd1ba891HrHuBll4XmJTblwU48AL89j2
|
||||
KMUGFiL+tYBc2XRHnQ==
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI5cJs+DRA7GwCAggA
|
||||
MBQGCCqGSIb3DQMHBAhKECB4U6HVGgSCBMiITLbqpSHVKSBnOcUgt8xKlUWYbYaJ
|
||||
tXzPgTRzWnMOT466ryIik9wrDKtMupE6oVWigc58zY6sA96M+wOy5jSXfa9ON5gQ
|
||||
uuFfQYrAAjMcVvC4sO0meAlyEPKraphvvq+MdJnae3DwzR/v1xRk87gBMaXA/vYL
|
||||
mIn/w2jPaeQmBjEmKEfggwgCx6x5Eb4GL+K8cEw/EAU3oJBo71KwRsQZ5T4bXxUJ
|
||||
8bmEZoUGS+Dugv7mRE2xXVv277wqKgpubadZUjw1K29lvhSeYT1EDGCXYz7thl3K
|
||||
98F1mw3DpGdctQ3uaA1uLWrgMys67ZDRciazHWD6YCQOhX6YpjIwU7dCGJe8vpDz
|
||||
+My3VTIMQxUwLdaxB1ZHQAKBCrToNZKMxhfPVWDUgureq+05xcifBQ8aqr1v5HJN
|
||||
s2ciqtVKWd0uaJbwOhPMQJc6QTcvzHtKmjW2yeqHF/WmluIcUH3ddJ18d9SK8p28
|
||||
Uo7H5LAvfD45TWXzjQVnRrZNKCTGSGfosdW2Cd5xLfXLVxH6xRZZJLhg/umU+TLD
|
||||
lnQYLMh6kBJeatrk6+z9wTAVk4ctagqR6N4nTOv68ncfQ5XSpeHH8ZKi5/ZhvW8K
|
||||
eyjHQzxCAZyaMe2g5gymAtgSVlaJbILGVjJ3Pey++W4akvN30DpRmaXIwdSyrH3W
|
||||
w3zW93WzfDqN71a3vpaSojiwUGj0Fj6c1ptGUHIIGd3A59YhJQqAyEZc8dHwaXwp
|
||||
ojbiYtzX8yto7OMeenLNlLqJxSBLw2ztqibqtmI7C1/00O6ECUdyZEJqbwwFxbPb
|
||||
VmXv/luXvzmGkqBdoMvPe4hF4ii0srciezxsVlUMpde1gAG1mQTZBYvTRwALOInW
|
||||
GmjOHLwBShm9y2XRgiAzXnBvEP/dto6JbUDQMwmn3PwhSpiotqJY2CnR5GI7BDcu
|
||||
nCEf45tbYyNjPJVcki5vyHaTkfT2vpWG+4ixYEmrgimcJFN1yxFWTbZ0661qvW2z
|
||||
epXgiJCkliqniaXxqV7pcwNUYl4SIto9yqY0Iw9fEp7KE76rZrwzBYV5RXXohgWN
|
||||
0mHcyscJE3P8M9n0AMFFxN+YUKEk5xxkYD7vwIyvYVR+QbXrVecJtT4f5JPkaFSR
|
||||
s5+mUjUJ8EhTKLa1CS7i0vOX8lmnu9NgZdn+lzXPFbpIFHSKtaTtKvKVpQgoXhJB
|
||||
6nm+qQVMScDMR/6XDXr9IC1ujV4rlYmpJCBKZzTeRAoykkw6LPfLyyQwMJJ/9Z7T
|
||||
53xrJ+wNy2ZioBwZxjd6z2ZGbkmLMRMZXdA48W4OSN7rm7CozhJNq12G7svmjwDs
|
||||
zS8y7UIFc+qbAiZd/CiBsR1B4j9uIeCCj9tc9iNYc2j3d+AZRr94hxOuqmHQEYyF
|
||||
5vzsXZb6xd4YmMG/5PfQnd4wr3xCJHFAACpMioPSGmlr0Y+HnqCPdKshn9C0IBQ5
|
||||
ZEDUszNbdAKjPgHi+u2AaDzAZmKQ0DvA8CBijJmI7R8JCDzDcTYjLwhAJeJLtwxB
|
||||
BT/HwSiAy/tbazXyZBMEPk5MOsCok7tTe1fmI/igYUj2h+oyJYr9ymBU97IyyBes
|
||||
b+sm7SgLb+7dh58VhE8tlhihqrWVvHak5qkyvQI02ffAuOg809Pftsdki2LKMBsy
|
||||
svM=
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-serve
|
||||
ns-cert-type server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
670c1735182a2aa7373f3913f4bb9922
|
||||
1011f52b6004f688f702ee2eebf789de
|
||||
8e9a7cbbe597de15dcd0944cc77c63bb
|
||||
247ef4ec6beb0ab1ad0e68fd3224d9c3
|
||||
50f3536eb45f0582ab3deb4a84144e08
|
||||
4ab82c010550262a803f617826443ed5
|
||||
34ace631dd1115372b4b6d91523ebf9d
|
||||
5212960ff14b16776359a2c4a8a78672
|
||||
c6dd16d8e3bead764da1f39a267a5d2c
|
||||
e798d3f52e0d8ceb7cafde530cbff390
|
||||
7a099224465c3bde210bdc7e713dae1c
|
||||
05e190846e0bc7cc8e4c79427516eed3
|
||||
b580385daaef259dd823e67970ffd9f3
|
||||
125c3b6217f6622652f76f1da0ea96e5
|
||||
b9724b6abd8384f45f11d9b41a9afa7b
|
||||
34d1a506ef314806f46e64d46f4b53a7
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
Reference in New Issue
Block a user