Initial commit
This commit is contained in:
214
OPP/openvpn/client-configs/tine.conf
Normal file
214
OPP/openvpn/client-configs/tine.conf
Normal file
@ -0,0 +1,214 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-opp.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDljCCAv+gAwIBAgIJANdEFItVo9+IMA0GCSqGSIb3DQEBBQUAMIGPMQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBm8ub3BlbjEZMBcGA1UECxMQbmV0d29yayBzZXJ2aWNlczETMBEGA1UEAxMK
|
||||
T1BQLVZwbi1jYTEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwHhcNMDgw
|
||||
NTE5MTMxNDA1WhcNMTgwNTE3MTMxNDA1WjCBjzELMAkGA1UEBhMCREUxDzANBgNV
|
||||
BAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4xGTAX
|
||||
BgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMTCk9QUC1WcG4tY2ExHTAb
|
||||
BgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIGfMA0GCSqGSIb3DQEBAQUAA4GN
|
||||
ADCBiQKBgQC1RgTR9sLzgKQW/1iSnMYgrl0OIc9KUxg4lwnA0WcMTPk5iQrX6guV
|
||||
BAP6gTzf23qd1mwXqJDGIYaeA7D4KI3kKZdM6vCtKPZ+E2d4j8Kt5JzWAdy2fXVg
|
||||
75PCqY2KWfkAh8EGlxmGeSQCuDGqVeiL+ekbp0hx7M57Gst5yxN44wIDAQABo4H3
|
||||
MIH0MB0GA1UdDgQWBBThTcNr9HyBexayzG0kbMrdm5NT4zCBxAYDVR0jBIG8MIG5
|
||||
gBThTcNr9HyBexayzG0kbMrdm5NT46GBlaSBkjCBjzELMAkGA1UEBhMCREUxDzAN
|
||||
BgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9wZW4x
|
||||
GTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMTCk9QUC1WcG4tY2Ex
|
||||
HTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlggkA10QUi1Wj34gwDAYDVR0T
|
||||
BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBgKYEcUleLw/trPJbbeI/s0ZKRGVki
|
||||
nk7jY7+k8qa88FqrTP3V7pgGnWunINBgTBxM1dH/H4p8DXiIGWJrY7KCddIJSA5J
|
||||
JiX7UJBXFQDXflP+MhqIdHfGjd37djMqUD2//WLAKuahxNSuf4L9FfoeNGghlYKX
|
||||
Y/hjEv3y78V8QA==
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEhzCCA/CgAwIBAgIBLTANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
|
||||
ZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMTCk9QUC1WcG4t
|
||||
Y2ExHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMB4XDTE4MDMyODExMTYy
|
||||
MFoXDTM4MDMyODExMTYyMFowgaMxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJs
|
||||
aW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBu
|
||||
ZXR3b3JrIHNlcnZpY2VzMRUwEwYDVQQDEwxPUFAtVnBuLXRpbmUxEDAOBgNVBCkT
|
||||
B09QUC1WcG4xHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIIBIjANBgkq
|
||||
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50omlH/EGN/wsMPXSLcKnjcGPkfYDW0b
|
||||
VJz7gECICBxbXPVRbdtoxKTjv8agwtdjQAWnz/QQdwkxkkFedQfZTmyoosefS9BH
|
||||
CYgQ8Qi2Ecsn82tsv+UqsGG9JAToOAxBQ3pRh5miMP7W3ZXtn/czkZLFktQcaEg/
|
||||
nsg1nyruueJKVTfDKz4EeC3NfEAFAC4pkoWMJWABCXxSfSinPiItxrQVaRTPFBz/
|
||||
gZc7+Se2xmp8KYZm0oZs10Fo4Gij10HsJXKFi1+xONo5pDWTWPRupLLwkWVqAe/U
|
||||
+198AT9CbMkXEyRVKh3IvEMpYInAfsibhR1+i6RD+6QUCmH6daly7wIDAQABo4IB
|
||||
VzCCAVMwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJh
|
||||
dGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSYxQH+ro6ZoC5i6w6LN3taxROr+DCB
|
||||
xAYDVR0jBIG8MIG5gBThTcNr9HyBexayzG0kbMrdm5NT46GBlaSBkjCBjzELMAkG
|
||||
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
|
||||
VQQKEwZvLm9wZW4xGTAXBgNVBAsTEG5ldHdvcmsgc2VydmljZXMxEzARBgNVBAMT
|
||||
Ck9QUC1WcG4tY2ExHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlggkA10QU
|
||||
i1Wj34gwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMA8GA1UdEQQI
|
||||
MAaCBHRpbmUwDQYJKoZIhvcNAQELBQADgYEAibRKSFGTe5RySYDZ2js5DfR8vSLa
|
||||
itT3m6c+/cAMXw3gbsFWkS7sWDnbIITTjtGKbCOBqvzFSWAjXN7RPStYWZ2Vgnbj
|
||||
EFYYsqwRnUZ2oQAkaqb4EWOK388QzcHalJEje59sqL50HbuivjCsvooWxDgf86A1
|
||||
adoBSkjcWSDYTII=
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIF/vrJSsqA4MCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECBEetYsU2fdyBIIEyB5TzrKMZaI/
|
||||
+apP3cyZt/GY3fTquGzdfxuZtc4PiFVEsbPrFAen+TZPPw9RITvOTJOJBBwGWgYN
|
||||
QtKmGSw5ns4/xM44pVS3jI2CkP5XxNiFTQYwQ+9xiSUjsxzKLn2EbsBhuLVB+8oE
|
||||
3MAomBNdLBVaiL1Pb5sKG5IfTprKnPCg6B0/CL5i6woH0cTw9usSuY1p2m8fMsKn
|
||||
00mP71V/RP0WzLkbdhUI5pYNe1OLlo6IEp32L1Df4iILbdqMhIhOfZgG9ODGa0rP
|
||||
2yPOaU8YHYdTvXwtr9Tdcu4Gh3aKppz1v5UA4McbAbs2TG5org7vLqg8BKx/ne0t
|
||||
+9K3oRZEA7dIwIOnmO/jowrMngQsldKUSS7GktObSn4pu5E3ElPjdRzJAZvbM5qe
|
||||
aKv0zAt2L7zEATPJ4p5bOhAHseYTm2Nf9rzYV3zppQHKPXllrmli0IWoaUIWvdYD
|
||||
0DMWg+OBevcF7azfE+AhbvVQ2WMmtqrgvN31MtenwaBrWh2U6FP+ctCe/026EqAO
|
||||
2hj5wqgOWA7n09+IswTRM6ApNFI/2bNqWIDXlAjhH8PVDa6UMxTf/2t9zmfP4fT1
|
||||
f0i2fNMetLAznhX3N5BawXLHXvFC1C7Lf4vuptJS/oHQevocq7Ke03XEjIB00KAR
|
||||
XI5G22x+FIoPMWgY65AWsLT4UgttWODdUc6h37pKthBaZR3wqhKNN5XhJut6kbRG
|
||||
X8o1YdunTRvNp77wAA0aaRbeLGS4B7gTZ7EBIZ8OTDn0onYB7Ra/pJFkEizgnbQn
|
||||
qKwZadSBBUN7KSdMDQepU8zwnQ5S9uLmlY/YF0a9M+mhyqt270kxGhi5Z0EoNaOz
|
||||
NG/20/FZshZ07CzzGhWNCotVrQCsSpT7QSYbVlC4w/VPDUiAdZDS66sQ65lNKL6A
|
||||
+2ILYcBaB2Z2lZ1pf0h07csMa+XHhoAZvzOw2iHmXl0rJkDmZSpqe6tWAQagbRS9
|
||||
Gz77j8UimJpf1WxOpvCHUEqv6baTQE/NhN7iuz4ZSmN4n/yjXyeAlYZNB1oxuKtv
|
||||
LQUG7fMel7hwT5Mzkw16v8VD4q/ZVytPho8+VqvAthCxkEJKoJui0SHk4KzqBsaQ
|
||||
jFf2eaR4lPDkywd01weBb14kcqXxEDnZ4heeqRcytZPrw2BlHdhcDF7bDYlISxNH
|
||||
b+dACg43JmQCVYpDDBOKafB5lSTHKV1zDHmChqq+MCEUyW1gGkNK/DOcbMToQ9lQ
|
||||
4WjxvPCWwIcOwrGtgYfakkfIsK+CbFdR1kQ1uUBzpSpRUzwMdndC3+cZ6YoMvl1o
|
||||
ICu0oF7af23JYo0iiCcTpVmuU2tKm2psRcjjUiVabLDRVj4Uk6sw8v0HyznHDwWC
|
||||
Y8pHgeQhQx5SSpy2p/w7gbxHKxlrwpwfxZNvRDmx9SMZgbUlM/MNjx171ORaDr+V
|
||||
eGDUKsqE5p7pYkWrSWp4oK1wX8dA4qzm2bu6tNpANYdJghxrsgGMeO03AX1kQOSr
|
||||
uwv5e/PX4COqN2Tk+9B7k0i8FWUf0DuRlLfVuUZ23Cj2b7APhBFS/OH09IN9U7w5
|
||||
lvMTHgLRr3u41KKfDwFOS9srKqvL3ZVAxa/nuGoVNGBhY/GXMoxXL2KF8GLBTMsO
|
||||
S3Z9EBDJyV3qcr98xfQdbw==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
ff2b7b56af351769ba703f874d389327
|
||||
2e8fed8405df740d51d58eff3eb25af3
|
||||
d6de19376333a9b05aa72f8b90124bbf
|
||||
5ea3085029070d28952a1fe9baa392fc
|
||||
4865bd5dbc58a4ccfc373d2ce772a217
|
||||
17f099df7d2354e404ae7690cbc50002
|
||||
151667c2af583705bd3896327917327a
|
||||
a8b2c9073e58b7deabb3ad04336170b9
|
||||
6fcce57b50827b0f393b7d1f0a7f6299
|
||||
d15140e46f6108983234eb53b0a6d56c
|
||||
6ce3815bc7f5ec9f52bc7eb680562b4f
|
||||
1241f1378b774491ca817b56f1d5ba09
|
||||
c25e8a4dff3610c60e4f9f3c306c15af
|
||||
8a70829075343f2ab24d61560804c78a
|
||||
dda39ceb12e11a0079b59dcb607166e5
|
||||
567cbf1dc83c2f32f8ce1cb4576c12df
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
Reference in New Issue
Block a user