Update 'Kanzlei-Kiel'.
This commit is contained in:
227
Kanzlei-Kiel/openvpn/client-configs/bjoern.conf
Normal file
227
Kanzlei-Kiel/openvpn/client-configs/bjoern.conf
Normal file
@ -0,0 +1,227 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFbDCCBFSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM2MTZaFw0zODA2MTky
|
||||
MTM2MTZaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1iam9lcm4xGTAXBgNVBCkT
|
||||
EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl
|
||||
bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKwgvWjgVuT6zux9
|
||||
E5BRLsxUzscf/wMrUiiH0Jd7w9xlLJKt+zsdQstjVo8aONjZ8BJGmhwhKxEm9gKJ
|
||||
9LkIweMsgebzOC/Zrenu0GcShQUUNqehVGCfAi5FQrcAv2/swQIEyfLhMuLg/TvY
|
||||
h5p5/KO4oEAvEE96OTROvO74oTvsZbeAYJwid6nLkNiyJpa2mrjGNUSMab9HVtX0
|
||||
5u8oaQ7m4oGdvY07iyRrjGHHyR9PBIR3TlttDYLiCeVRR6KPECoTqY9dzZcdQp1q
|
||||
wyisRfSyc02PipjtR8t+oIte9ZMkmfTHtGyKp9K5BrPHIVuWJ2y8ECXGmiwiGXgR
|
||||
HRUBuHMCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh
|
||||
c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUWLKQJXcG6kkB
|
||||
Wxo98rmvbcPZRLYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh
|
||||
gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT
|
||||
BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp
|
||||
Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu
|
||||
emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+
|
||||
Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R
|
||||
BAowCIIGYmpvZXJuMA0GCSqGSIb3DQEBCwUAA4IBAQB0KmURa9QjazV/Kf1VJnGQ
|
||||
vfzSKYFHYVtmW4Rh/MTHSnqfxgTjgolAyA0t05IEU+Kks9PXoh8D0IYTeri/cICs
|
||||
P1nyrvUse9rqlOHil1gC2J6ysiYGFPKKzbRhc2lh0WGYT30pfjvQ32UChHu/kxI+
|
||||
ny4HktXLalYK58rI+o6gTEHMl2/BSHgzxPpObxhONNVCXiS8iJLpw6nwUl2rrB9n
|
||||
wHXMMIpA96Q3Hk056sNhEWG01MN5GbjTAZXl435XKTQvYSvh30WahXoXY4/F2bA7
|
||||
OlVGpTeu3H2gid3fEajF+n3U25VFGsQRb/RDBNMsP9eDfYF9N5g2tswl24CFu1qr
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI6SE0PsXGw/wCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECG7zORi+kUIQBIIEyOyz5+JUC/+K
|
||||
Uew57hlL3eIq4Lf1NKQvckgJ6LPkmfEZGPRkPlwpiFqy3KgOv/npjir7zq6nLRff
|
||||
KJf5FTLBie69FqreaY7dbO6KFfn81PHMvO7zitnT3Iohv0pLAXt35XxbM0ggUnul
|
||||
Y6aQArJoPRhyhyD/SorGHYDHQ5mSL8fjymzzy2faEq8i7PtbZvlRIvjTCIYHlTta
|
||||
mQFHfp0w+S2FLdbmodZRsXDZoN2mc6Rbu2PQ2DykDrezurseiKsjgilhvShph25H
|
||||
Q2kit081C9ldLjbVvbYUM7Rpwx624AqifMSncMq/i2CDa+x5mX8MP0O1ObBEZH9G
|
||||
yFX7hzS83smJiG3jdwG4IJwar6W2433fSDsQBrRUYonaUT8kebdyxTeUiVqxw6AH
|
||||
Bl/ru56WQ37w53JYadwWUr4Q1o8ud9XER2PpxkMVtyXMPxTDepX+kU/6W19vo6+I
|
||||
yC0E4DbWhx2uCgTNS8hxIvHOWWq3d7Gcxpof/NWPMVbLosuosX/3SA2Bu1x+/2cY
|
||||
IpwA61PAC08GKvkfBRV3wK74mlAJ1jZyrbY5FgmFNEH+aYUXQrRlpNt+H7N5dKlT
|
||||
Sa8gXtNGLHOoKbFQvjKakKdH72scJ1Gfu+WgojYAb1hLurkUyoAm6Du+AwRt1wK2
|
||||
Jilq6sbrH9R3Vdo+xRhjAvn8I43awtYqPRYUbCv9sGzVWhYFHU86pzyYJcyWAJTU
|
||||
0WWcZiOSy/zBOlVtaHidWuE4vtixIOxabvXvtfkG40VWOrX67CePrnCFnQQ5kfyT
|
||||
LJPMwL6u18037qsSFFi7jvBE4jYbfcpgsFHhK2sq6/oYGnFAUQxZ6W9BzLsdrGlA
|
||||
9BjQZrG/Dknnqo6+7NaHbaqe2dclSCoKDWr2tGN+hbFWTx71X5+bFMWJ0LinhUM0
|
||||
m5FjlI8NhA9PmCwBPZhUxHQVwLz6YYlqtAXgOXBKdJfAD/3MFXGWVQgUrPK+3wXS
|
||||
blAAwc+Gk5Aage0hO9TN++8fIyZRcOuYRjoXuK3Jf73tKZbzYw7kSt8QN4eFtaCO
|
||||
ExxRmisMJXK3a48ZSPaYb04WHxqP+ZEOaSvFLCgmQy+iw9nmWhn/6yTcPqCMyCkC
|
||||
PG7RBAiOrOsaDrKdaVYNecNgWKtfmKGx729t7H5NB419wOCbfyBvr5ROfYL3a6Ez
|
||||
RV/ljTkryXXf9wCBoGGK+2Xp9fmBf0f5MKG+u+QEIjPcCNcMjDMpgq/+7/GvBipi
|
||||
PYuzkky/CIb1atccWKxa0J+FzqPFhAKXRjHQ/P8VLrDBZFLS9fqOBVwA/FO2zdsa
|
||||
Wi+KQUF5tTMnNxqNd2QkM0aa7WZEjBtpbRZNvOwBUYuAjcAJ0nwn8X6OgZC3XH7e
|
||||
W8Te0S/miSsI/oJupN6LW8n8IkAcBm2RCnTOaOi064JSlo8FcDpDtuNg3N7ywMf1
|
||||
fB8JcgmWnRrH1WG3qscTh4UZyGs5iC5ELNghx5de2hNXTC8RW50EUGxl6Go7d8xf
|
||||
v/YRcASoi8jURtn9mDDSKOM7BwILC8FDE4w9cg80FkHKNJBPJVRceMPS2sVCe7Bp
|
||||
eENJA6sw10FC43d8bZc8qahi72fPxmCZNRm+xtJ1K4hSHiRNmluIC+hc22jKzbb1
|
||||
R14ylejrOfjDD+QqYhR1Zw==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
227
Kanzlei-Kiel/openvpn/client-configs/gubitz.conf
Normal file
227
Kanzlei-Kiel/openvpn/client-configs/gubitz.conf
Normal file
@ -0,0 +1,227 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFbDCCBFSgAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTM3NTdaFw0zODA2MTky
|
||||
MTM3NTdaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1ndWJpdHoxGTAXBgNVBCkT
|
||||
EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl
|
||||
bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMd4TDT1U13n3yZC
|
||||
HRJE47qjlN/klXgNz27kEPrn24yKOCFEHjt1RfKTLtVUFvRJfQgWG+egDsMwdsV8
|
||||
d0AQ5+kmZvS8vSoTHrwmPExxEAKw8+5KIUdJIUhArE25t2gfijOmtkXItzuvJRS5
|
||||
IP+Kk7RrXz8m7/aSLSYq5SAGxiPhnNUMlH6x5xhx9Io7hDSF8K3TclLvmJIzPzx3
|
||||
tdFMECsa9fYbccHfW1GCn0LEKJVx0EGmAXvoX9E15PG4otXpj0ew6EjJGPGXZMYN
|
||||
oHqw+9Ry+6+hHbQjOt3IxuYGK5v6vi/a80djuhFyVauB46pJmXOy5FHeiDEc85F1
|
||||
U+bT6U8CAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh
|
||||
c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUsbgkl4EafINK
|
||||
kee8wrGPCfGV/XkwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh
|
||||
gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT
|
||||
BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp
|
||||
Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu
|
||||
emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+
|
||||
Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R
|
||||
BAowCIIGZ3ViaXR6MA0GCSqGSIb3DQEBCwUAA4IBAQChppu8Flq0u72lwZE/Ao8G
|
||||
LUu+dvUJP1RZq7DSk+xj+SJir13riqMHjBCS5OqjKHs7nV5TWgnyMckfsMrQA/Lj
|
||||
SgMz90puQ1c3Ss7KWPnVIsIKGn3GaB5akElmq8iDYMdMUjJbw2Bo4EgoVSkbjE0m
|
||||
KdKrKm6CrfvW78kCn7icq+4ODbxbUxnHniGFVrHct3C0tC7gWNia00mC9ahGYMhu
|
||||
VIRyrn4VWYfKIGYul9MD++1cbFTEZ+HtAu/Ss/GLJMOQMlHXquEV6l7KE0jyzmsn
|
||||
ZPzmGD1/n9sjaSW6hhDvhdpDeHWhlk8/ds0fzVsqa747HbgixY48rF+m1l85dt/P
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIhxkoBFagQMYCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD6h10URNh7VBIIEyNSkokvr0z/k
|
||||
lwrSlr8SOK2chlZzjbz5j4dM8ChdHJib+eV084/XQDi0AMvz8G7ToKe5z/CT7HBb
|
||||
TtZu108SB7YeiC6aQUK8bKJcJVgcXi8PvOdy1PgGbSxaVKqyWmFuQofyi1y2CH6e
|
||||
2x7ct5cXwUh6tUUtFDVMW6r0uBNaIeRzodGY2kyV/dVBKC1fxqko6dgkOpQFgg7C
|
||||
wANDG6cnXg+acybl4YmqKowsYdnk16KpozV7DeVK85BQaiNJrZeOwehB8gM0zRtB
|
||||
ZPRr8BgXJCcZMsxOnSTy3rp7/vbu1lrTO1QIlfHZHb8xPifvaxtl3HwYTWl+hjup
|
||||
iFUqSalbC7tt924KTy7Z9ov90+f9czcKuVkKkVtxQ/Kq1B9EOkpNytKYfLqTw6dE
|
||||
y3c26lPmO3+eD8qJ/J4+bVfNBgOLZGwHekoZ6JaQtnHNPL7QC9EPDocyjqmmP9Cc
|
||||
UsbQBczCy3S8L/lm7oo068cADbbnAW+RX+18uheASvk1SO3srraEwpvwtbf5VFBE
|
||||
tR+o65zBYaxiIESEeNAlxNWC7YwD/fil0Rqwv8N9MwbZAIyfH4y/yDmHs6Qi8DjB
|
||||
ELeD6JQJfWI/gEIB22VFz6+bNIBqJ3yeJZczG8YQpl9cu0LAh8q68bZ0KD/4SyzW
|
||||
MeVBFAcBHR0zwXXaIdpD2RUYgkVDPqBecJUxdsIzc4BfrfNafztfHy+RV1/ZnK6g
|
||||
RkvUB4VRrmlAgMyX6AvAjYjVWrxIC1mJLstkPtwAeecdDNoH7mHQruh+rs/Xc0VU
|
||||
0dqKorWaEjA84nln+lE/5GIegDgxlmxOxBfIkdUa7IGGXKz1LLc0H6Y77bmRXxi0
|
||||
BKqyuzrReDBShZr3FccKtwhRHYdeq5qNdyou1N5AJwHpBgIoJb4GOjCShekvxgB1
|
||||
dFfW2IEdqwnQmYDoK+2bdz0lybr57IA1CdH2cnDpbFWlhGglBf2aEEZEGX1wRpEh
|
||||
GFH5Qw50LCOycqhcCVK7lrpEUH9DHRGjoyLadNo9yRfq0pdJIhYSZ3lLPzq2Dtpe
|
||||
Dvl1Py/0/YZyCAEr2zda3xn415ZzaSlPmzl9Ld245G7PveuL84DOqsgKuJs0rBmE
|
||||
QVbC7/cBZS+y4xEvEn9cKHsq55nIawmI9TpLMfgK1S8I+vHTiSaUdNO1l35XIZDE
|
||||
NNTfS7ChnhHK9chyBkxsy/dmG2lNKcTXn2HIa1IkRpESduV5CblFn4/T1Lpz3R/Z
|
||||
EQKR4QIgN0uY+nKRNvnh7agfMnKydjTALGp38v9blgOiJdODhL2j4H0dcxbtrCWb
|
||||
7TrXGm3ZtwN+7fkVFVkhXTLdteGDnxBjt0kPECkGtQ4kDmOyyROKgiFPpZlSDVic
|
||||
UqsRnbd7g1eLszuOqCLKEOb1pcJVTFtve24EN1Ezofhg7LMEa+yWkm83LyEVVEKX
|
||||
dhx1RYKc4Wk/SrZN5jtXLp8ilUu+HqSbN81jX7NGGbSRox9SxKJoIHkbtx4TJlBH
|
||||
4bnLP302n9GJmDiPG9Vd0+osYLAkEIspOMrbkBZa5bM3YDQUeAxrkRuAwJLQ9kyx
|
||||
fmZS832L/mKBHe8fjEr3UynKODeRh2ReGxSc0a0xnMFb5wagB4MbYKvAgnsMscyu
|
||||
lDA5vjV7W9f6bptn8b82zg==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
228
Kanzlei-Kiel/openvpn/client-configs/hh-kanzlei.conf
Normal file
228
Kanzlei-Kiel/openvpn/client-configs/hh-kanzlei.conf
Normal file
@ -0,0 +1,228 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFdDCCBFygAwIBAgIBDDANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE3MDZaFw0zODA2MjAw
|
||||
MTE3MDZaMIG/MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEkMCIGA1UEAxMbVlBOLUthbnpsZWktS2llbC1oaC1rYW56bGVpMRkwFwYD
|
||||
VQQpExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1A
|
||||
b29wZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVUuQpDwsH
|
||||
vxSAvH4nppLzlcXizzUA/Wvn6cIysA3GO5nY9LKt5s2O4SWljMguYC8ta00jmK4G
|
||||
WfPyzarzZLxEBCosSsemxKUS4pW1hiPJFjgdoXwnWY6DsaeFFPFzKdyH84cM+8gD
|
||||
6XTLujYJnbG1rjQUqV6yi8EiwxfVxPDQAyNpvI37wxsr7abTNNKjvlZTAZd/DRgF
|
||||
7vTI4Nw1XWQxtam4kST4hKdd6ugnUyf9FfVaX06P3j316hhgoqXH2UfCPZlI+6CJ
|
||||
R/vmkB1FYplta3xKhHMRGGbhqTqvpK2ATNpZNGXZbVYd2Ly5FlMtbmDZrutbsbyk
|
||||
aptkZtZ72hMHAgMBAAGjggGCMIIBfjAJBgNVHRMEAjAAMC0GCWCGSAGG+EIBDQQg
|
||||
Fh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEY6Tztq
|
||||
ocSJTcTYSs/N9DVPHK4/MIHpBgNVHSMEgeEwgd6AFE6CHhSB65vIcSyxImiQv+7Z
|
||||
1P/UoYG6pIG3MIG0MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYD
|
||||
VQQHEwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBT
|
||||
ZXJ2aWNlczEZMBcGA1UEAxMQVlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBO
|
||||
IEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRl
|
||||
ggkA/lmtXr6QBT4wEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMBUG
|
||||
A1UdEQQOMAyCCmhoLWthbnpsZWkwDQYJKoZIhvcNAQELBQADggEBAFAUWaRuXrg0
|
||||
U8ksk3p7T86JrIi4jarr6VPt3DBXiFnplhXhqhUGBh6eWLd3q5DHSrh1Ll47jpAq
|
||||
O5hyknrbDnf4JWpg6RxTxj5dmvIWvBvInlyxpjnk1vudCDm09yU5hYZht9XVjWAQ
|
||||
DeRe6F1wqFjRZk33f1Pies/xJVdW+rQG23VuNp0OwIVvri3i1qBuDV/Cb/XQXdlU
|
||||
YsCG4IS2fLWU3DO4DaKCQh7TGhLJDSlPrwB+7UN419p8IPpQs+3eUTGM4He6153K
|
||||
iGvBeR4wfB8HVKX+Ro4O33Xa/Hcvvkl9FCgBF6dVJ1nmhBm4GWstMhIw8nnBuzl/
|
||||
YzBrq2Xgzsw=
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIz79jvbHv3DACAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECPE3o5ZalTfQBIIEyMw6MfxJ1fA5
|
||||
+84OUNHDJ/9BvnQu/0EbX6YkZIZgZ37zxvYR8NRMHqRdsR5oTqigbOgkSQTx7JEA
|
||||
M2p3uEi4nrz9Rle+T6ZALHaTQcQcUe3ZgpksyUXTQjVnKm+riZpK+jmoYpdPUfQo
|
||||
TyKb3FeuNxOoqyyruxiDyoyxtQvgz0SuibDrOX+GyM2HbXkZPD6JjZuW7U/TFriF
|
||||
0+R7Eog718e/0bisKlPs//3gktx0QyApc3RMQjKaXBrCS5xlwgsj/OAAitjBhwl3
|
||||
XP9FgoP/is/8pu7LERuqt3exwYk3QaJrruUkhxscupXCi1doe/Nql4cpZAiAVTQ2
|
||||
m0QDSj0PSqy7vAZwZ+R3DttZMHcPEtAsrzBFpcVhKnKte7bGk4k0ICRIZMI1wVJI
|
||||
uRK4ihPj2d38Bff3YuNoCjTlzETtOXMP5+UP3oH8fY7qb7P/QRp8Yp1lapL4NMgv
|
||||
fJyNyyQAg08K3XHhEZVF9I3N6KCiVPi8K5Uteb7r/kjXuQ+nOzxvzTPqjW+7huT/
|
||||
kbh5AIcMVUCxHvME9Au7yLpuy1T70TyW5zqmE1feZkVQE76oj8BAkhmhRAuvaCES
|
||||
ZglwSmTA1bYDPVs8/nnRB2VjcWYjus0oSC0xdiOAYRH0KuW59DgfMttaxXh4/9Mb
|
||||
uXsu/2HU3nOxrXEzBHUDOEb+ja/kKOrU0TrsdcpPGVqlMFHjEDEr7oEWVoIH7iGw
|
||||
4McLH9Q6054DczfJrfavhkx+Pk5Fb3nTfPH753ugCrPz733w0ugi2IKEzJXgAXOx
|
||||
3cTBVr6mOw3ctQ+7D9bOHIEAk4Gfgf+DdTlLRbDTIBB/OWiPjp2x7D+eu1oVMlOU
|
||||
5gkSadlklwkwe3dGjWsSjK5g+HE8rlBZbYTEe2gko1S5s7+v7jn2rP+2cY8DHASG
|
||||
UiPghE5+MC9W++5PizQyLaR5FNO6/GzbzalrtGeE7F4s2MnRjUotDKFfZdWeOdFJ
|
||||
zpv4GzNU36BH9WCbW3jrZMH0uDBt6lVoU+t7uwIvDnrAXY+FwodaffS7xWhNWm5r
|
||||
h3yGnHQzz17ZDUAnMRSOjejb32PmNq2M5StlnY80MBzKptE0qYuvW+BzpsMyYSFz
|
||||
2T3jhJmYwPsPoKE/O2xPVg2wGExss4UQyZUoV/rvtE+WTXUsYUzsjwBIV6DD0ux0
|
||||
PGDbO7yO83izhn3VlWRq6Re0n6CLXmyCg7nVi0Iuw93dHfUQWcuKCKE8uwRA5QE+
|
||||
3edHSYOtTZ/PLH+Uh+Qp6m11GiYhY3S+vlJ0l1FBfx07KCfOzbxBtB8lHK9q3XaY
|
||||
bZOBPDMs/Wx31O48L/i19OycBELKwoPUQTjEId6kgYMHxgjXO7XbHrN4Ryxw9ydT
|
||||
Iij3WOKaeICUmaSG/dx5luKJ6BV2ZJyJF3vKWVUMtpamEeqfFevxAMgTC9zh7D9+
|
||||
1WhNCPvvgJ5OXsfdUMcUnENnGdcSfznOG/BlKVRG7niGKjvk4DtdjZfHMI0TXqiV
|
||||
Krn4GcJFZjMVxG16TFxpCVK6M52CV3WoGgg2YLp1bop1bbv4zwE3gk00EILcRKfF
|
||||
UZrEn+5QF7XsS4Ym85y9DrOc1Oag3AFxwqT/cZuX7cfEDR6JE/ZQ8IGuQnH1sRkk
|
||||
5Gw1p3AFAgSy7ADVtsF/kA==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
228
Kanzlei-Kiel/openvpn/client-configs/hh-lucke.conf
Normal file
228
Kanzlei-Kiel/openvpn/client-configs/hh-lucke.conf
Normal file
@ -0,0 +1,228 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFcDCCBFigAwIBAgIBCzANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE1NDZaFw0zODA2MjAw
|
||||
MTE1NDZaMIG9MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEiMCAGA1UEAxMZVlBOLUthbnpsZWktS2llbC1oaC1sdWNrZTEZMBcGA1UE
|
||||
KRMQVlBOIEthbnpsZWkgS2llbDEhMB8GCSqGSIb3DQEJARYSY2t1YnUtYWRtQG9v
|
||||
cGVuLmRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy+f6OZujjGd
|
||||
OknYsbwjBA5toqsqGXkSdMmo/xxCYc2KFiO5UODuUHR3R0ZSXaorUw5q7zVsA1w/
|
||||
IxTJiPaAvFB5m2RCFPDp/Kb1N6KdRs45fWKkgqf0qtgubk+PauZUJqIhs7ZMnOGu
|
||||
E5qCxS+gpeVYci/FiJbU+IQZHs16zwsNgRpyYe225BxovsXBvIJ8F5EggbFZYo8b
|
||||
Bc8whBTlKydk8CZ5SO9ObIcrHmiBXbfFNY5rmxgsyj40RH0hhln/zXUK59WBgg2k
|
||||
Ohirf0RpwFieeCg5xCF1NTNvpRKfDhQZqj2h0vyelN9LDZs/L9bGHoNu3xWlOXPi
|
||||
+bPKIZFivQIDAQABo4IBgDCCAXwwCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYe
|
||||
RWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQSGG+S7wZ0
|
||||
V4+lpjuJuPnLCrCImjCB6QYDVR0jBIHhMIHegBROgh4UgeubyHEssSJokL/u2dT/
|
||||
1KGBuqSBtzCBtDELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UE
|
||||
BxMGQmVybGluMQ8wDQYDVQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2Vy
|
||||
dmljZXMxGTAXBgNVBAMTEFZQTi1LYW56bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBL
|
||||
YW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Blbi5kZYIJ
|
||||
AP5ZrV6+kAU+MBMGA1UdJQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDATBgNV
|
||||
HREEDDAKgghoaC1sdWNrZTANBgkqhkiG9w0BAQsFAAOCAQEAWC+QrydsgsXQCVQ0
|
||||
LZUd3es1NS6ClTPkY7+f/CZYWpFQP8qW3dB3W+S33qRRcOvyXP1m8k480EFejCXK
|
||||
qO8cUdKtDD4gFZccp+zWXKaZpmMjGm6WepqfhgDdtKcN2XdKvgwowy96c9JP78b0
|
||||
igGwfuI8bUF/dVgHMlkT6X+PIhl77OEh2bNUbpfeNlPCjr2+e70mCVcHji060D7T
|
||||
l4uh4pHJwi2JINLkZfh3m1xPvQU7h+K9D3Z9k/IL7yxFdAY+6tmG8VUjigDC7cN5
|
||||
NH29yAzC5fSyKO1xdDkc8s+s8Di5ufRBNVgcbflPzh7t7vcGlflOf8Gq1z5ShHIB
|
||||
ZQ21Jg==
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIXEjPaNf5KGgCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECNdZNDlsLt4gBIIEyOzgTgA/V6IO
|
||||
pWGeNhluCi3s8PPytWN35z5mSE3N1ErEveJ65W865nNJkqnDR9a7RVciE++KhWs5
|
||||
CYoopoGcUyadyfKIe9HkOplxeZsy1qHoMYDNQqww4cr1BV3erA6OkW4XJ0RMZcyu
|
||||
aCdU649EmdDPmESmW23Q4getgX8sHC0/Yw3GHpZ8jqh3tH5HYJt2/MAQGAtlIlOn
|
||||
MW4cE9ZcWuD0DXH0sjakovu4UqxefOmmYEWhS9Rt1hfu7rE0Tb4Yvl3lzR7ke+NF
|
||||
IAobjcDtGvTr+XxUyhLY57I8qlK0uooyziHhZWusu358mjWaTifqFUN2NRw1rgqp
|
||||
FoMvkSeyGTPrMO9eY1N+QLw9KZ2/Sd+1KcLhOGHyc5DhL6YmlhxsnMJDUiqrDC/v
|
||||
j191WT41+yBSqfVY9PgKU3B1e/kEGWM+JZUz5Wpx8wP9NREjX+JUBkiTcvbho61D
|
||||
3qxHFrqbcic1gKcCQ61c7dV2c/cH9EAYl426qzTclmw0fL1rKjutUJ6USq05gcNU
|
||||
e8ugKz5xR/EyiUKx1iPRlKd1EJORX5n+XdTNhvJuO2x5CXmT28Snv7ZpQEC3Qpt+
|
||||
P6f8hm1c2Dmc05wePoc4fbPL4j47fG45EXWeMw2gAPzWuGkVEN2zUSRf43e985/k
|
||||
E3nzQVwXZ1K3zg80PEv9BcmH3aA0I0Vp4b3EH2gVi5Zxcf8fZoqVKBWppFND29pN
|
||||
hQ9Vnlu1R/LQ9I4OFO+txmuEADCVh4KNzZBfPwdz5ZiPAtw3jFpYSbbsC+nbha+4
|
||||
sW3HwDwCqF8tXBNyVFI5Vk5Saagu8Rj4/ng4NuEHVFIJD3Ul5bKb4Li2Ld5HGMmc
|
||||
WU7XTwBO08onPZp/EpYem8LQ3fPmwKIdyiWDc7gOIeHgLp0/y08aJTcacYBpInfq
|
||||
o3Ne6z/drZErYRie3r7NCpzCt3xzEcQhfMi3PxxTOMOU3cdEtQhkAq+XruWesIOS
|
||||
U4/Kgv59K0wpMmg8Ezg9qKrDnwylNhab//sC3IT6/CjHsvHAmMyxwRVaPu4420l1
|
||||
uK8fZPCHSmHeuR+A2iEiQMBmCWE51BIi3tOH25PhkibpZHD4RcN5b+Ws7lCbFF1s
|
||||
fCsYoVLEufzEZdsr7LkDpMdfvwJXt2BqvwRuNwoV5VnuVLI+yfnkak4j/pt9Vwvy
|
||||
hAqSCdzjxp6Sor/5tJBs7mfGQHO3ULgp3bVkuELnzHEOyUq1h3BOpk6VDnk9t2VI
|
||||
xg1WVr6gztKdvtjnfFoguE+Wdd6N1XGMxlBzzY7BM1TIXQM2k9mM6r5ACoy17/Xr
|
||||
M8aS8BQJ+M+dUVKTm0fMLPVOCqmIlmVwZRrJybwc0+Qx8yzLNGTbwHUlBZ0xct04
|
||||
JLrpH4vuzbewKIXCPQn9iCtmSNuHOkdaryKaVF/IrM2QXMl20WG3OMtazDnvYGP9
|
||||
NTyyDQp1CMug+WSH3aEhs65pHHMjxj/I+4cH8CcggKbencG5QF2ztBcP0RK+Facl
|
||||
YK4IEMkrCdorkY6MAOhLKhAOGPcYFSDgLwAvrN/xVLTkZg7Y2jR8gD33QZh9TDrl
|
||||
vn9D5Se2xoGt6F9P3HuGnRSNgSK572ViPoMXqqjEJz4SShPwCWyUn5PDwYhJhBJs
|
||||
UWrDe94SSE93IuXItNGO1A==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
228
Kanzlei-Kiel/openvpn/client-configs/hh-suesse.conf
Normal file
228
Kanzlei-Kiel/openvpn/client-configs/hh-suesse.conf
Normal file
@ -0,0 +1,228 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFcjCCBFqgAwIBAgIBDTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MjAwMTE4NDBaFw0zODA2MjAw
|
||||
MTE4NDBaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1oaC1zdWVzc2UxGTAXBgNV
|
||||
BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv
|
||||
b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5HTV+tr9x4
|
||||
Gaw3ZnsKnge3QAxyNG3Ta6S3YllKFpZ6q/ZQGqdoX7Hrj2il8FbKmxJ6mCByajvL
|
||||
LPCwX8toQAES7aea4dAyYXZ3R8tgMHrhwUqk7r8U04AVRRlyBiWiK5XTKBM3mbhl
|
||||
t/UcDnsRzszsYmEGv09Uz+6dYzlcaHNiNjKJZYfcOZGy53X/q5RRLr7tzt0eO7DD
|
||||
jF1dkRrnbe/nP5VzShetIJ4EiRkdy48Pg6r18kTi24bhD/TCIx8WLfs5j7AnVgWc
|
||||
lbhNx07j1mvKUh7qB380ykS0UmFwWrUNCFaTViQDOOnX1DVG/Qd2m1nTQMwb5u8l
|
||||
2DB7qJ2u/2MCAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW
|
||||
HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUZfN/lRCx
|
||||
SA0SjnsTHrjM5RD50IcwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV
|
||||
BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl
|
||||
cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g
|
||||
S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC
|
||||
CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD
|
||||
VR0RBA0wC4IJaGgtc3Vlc3NlMA0GCSqGSIb3DQEBCwUAA4IBAQApGaMEsj00yDyE
|
||||
Aqqd2PjodW0wNnonTKpnzpI2DJl+Qapr8vtmMy8h6fzFxTTNf6GeY6iZbYZPdHOH
|
||||
pdRfWTZh0nFq5roRoYfglyuBqeB6qpWGYs+dIDm1Qbhbb3pXtHKdU/f00XJviyOQ
|
||||
OFZTl/LO4L12Vv/09H9Y18OU/XyPimMuSYTWhbNtrd5eLps353p3sEVjWY+gbJ8g
|
||||
GxDLPIi5YWF72rhpl4wHqHVXpbtKH1dTbRtLm+kseFVN6MvnzvhhnuQEYz9srThz
|
||||
dGEDJffJbNlCwACM75OczQmchP9Drhz+hR3DDOemCT1IYCJqaYxu3ZgwzOIDxfGB
|
||||
KFTBa2Y4
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIRrW75zSeh/gCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECM/ACjLMnFOqBIIEyH3tvetavQ4n
|
||||
r+z1sBiLqhhfjqR0KVWznMpRWnwClNdu3XqQOYjRYRTcmMX1ILE7ifsyMfYNqmtw
|
||||
df1zCB0qc4rpg+FGMjEAJpGuU2uxcN85nTvRI7l7y8iIi5Bffjr44eMfitLjXRat
|
||||
XxZrkHIsbSpEhDeNBC5Pc9TCuqJY7PLac3a3JR0qNib+Ucpp9I8gWEW6FHrobSbG
|
||||
mSpEZe+w7uoAq5tcaJy8yHAzVQfmh0TJK09mhiXdKEmDipcaWDyCeXX+8Ck9sY/I
|
||||
Ykm5Fi/HrlAwMRYO834cWdBN1Zle1Prnn2xuOJsIKKTw/XktpOzbvOlykNgzVrvJ
|
||||
VbGfydf7DpN9Z6QkX+b0DrwYP8B3ZJyFVoFSyS4x7id6SXhsV5QMa7Rpr61g5Eag
|
||||
C3rcqwupmYqqirAHPMNbsjiV7APhGtXiGkoHZyDWe3NTzm6hMzYIbDcFtjIUEgyH
|
||||
htqd33oUNkSbrx0BWBQQulrq/kjYTcJpc19txJSvdBJZeNemxxcrr73EXI1GOhJL
|
||||
wKSP91yp7VPIE7S222eD1Q4hOvFHo/RTcaXXLUCX6MXH0kpLatf4iO26/FffRVxG
|
||||
+Ds/5IGTCjfLlj/Z3FiFkRbC7Ra7W8qkGdfykVvMkmjgEZBVFRzVZpPkTrvwa3J8
|
||||
93BlheE6bi6iGkvd6fRgLHl/029k3Rdt25Thfy/yXYWsXRJqc8J3/2ADjVFv0M0G
|
||||
wW/O2WtIaHeMK3g/KNgGIc+Gui+2UFy26VJOK+xA5pxMtr80+o01D1RKkrriKEXP
|
||||
qPtw/haSBpGKxn+RusujcNoRlwOC0oVHWvN7NqMaRJR78Zite2tECphCE454bl+g
|
||||
SpjGei9O0OajCNe+RraWgAL4uhE51RUiLqbrx+Rt6NhZxxTQ4nqOzeI5sHIerIAy
|
||||
YmMgWzjJljFwKSKysyjda1AVXSVtb82EXBko9ezmcTFtfvZIrx3w6pd0IXAh521j
|
||||
y6zYiAdp+4wZzuL54wZYk1t8ZG7dcA/iXY+RTS9PVkXveDHF2c6jgmBEjJtoxBMM
|
||||
WHdU0iE2pr7lSqmznr5wxZ2rcXCuUGYUCqdYAwdD4o8OLouWXhYtMdFcGrx6ouc9
|
||||
9YFwZR8qpeNHyEzJplxBIgLQ5maDm2pwpCAZXauU5zLZ1L35B6lF79+TUNQjqtSZ
|
||||
QI75KiukKh34a3a941IjALjXqrp+CzDCjdmww/R291oW3KeJ381E/k8+lZi9M8d9
|
||||
ZdCchKVpLOrixRCw5r7ItWczeFpVukdWuf2CzqHEzEz6r42IPbITAkrqChsm2UHh
|
||||
v3xrAk/JySmDL2D+iIapGTxlDto7Sf5D1AxKqvb3xWyReG01mEzYn6sxzng/BpNB
|
||||
7gkouadIUGsSnzz3gqGuBWUjMVa6Xq0bf9onUrfRk/6e6I3maWOpkTsn2x2nkAwm
|
||||
kgyA2PEZ1HcKyxQM6C4JOSAcLMZI4cDsA8/V6vwwxY249HhPGDtfDvUTpDipogW7
|
||||
D5qWyVsNpaeKPmAf5C8Wm5M9ikgQTJ2woCkkpzi9pn4K/j8s94sam2rAxTnTksKS
|
||||
GYnA1Tq6s6jyVYXqf4wE3Oh5AJoy3uQ0NQZW9QIobK0gIibNk+MUZbsXffKidbU3
|
||||
qxWilBX7I6N07FjmO1fYTg==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
228
Kanzlei-Kiel/openvpn/client-configs/molkentin.conf
Normal file
228
Kanzlei-Kiel/openvpn/client-configs/molkentin.conf
Normal file
@ -0,0 +1,228 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFcjCCBFqgAwIBAgIBCjANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQxNTNaFw0zODA2MTky
|
||||
MTQxNTNaMIG+MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEjMCEGA1UEAxMaVlBOLUthbnpsZWktS2llbC1tb2xrZW50aW4xGTAXBgNV
|
||||
BCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBv
|
||||
b3Blbi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZqwJKDtQxG
|
||||
h45+wyyHtVUZQ+qRhLAgLp/FZFpY6Xz1lSY8NIbEHSPpeH0QfYS4KRT/AMsTOqL7
|
||||
zAy9nluZG8YLqkcni/NhDDaizPH9xk3Msdrpe5N2U1KZkCddD12OHkwa/igX3M0e
|
||||
8xl7OCYqtDOA0Dh+gOZu6e5pa4tYIks2tnsXC6CK1PPEdgGkrRyH3WVqQN5py04l
|
||||
EMZM+d+UEXgS5nQVsSvnQQhQxt0x9JiAb++CF2geq1kM2HJUHWsJLp+IJ5B24ZdP
|
||||
21vv4a9MED/rUeangriVxj0Zph4W9i/3bYtMne6qMjumc2cOuAGNKESNBSo8nlE/
|
||||
CdBeRNjcR80CAwEAAaOCAYEwggF9MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAW
|
||||
HkVhc3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcl2LsdAN
|
||||
GDmbssHt2DssMEW38xYwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9ShgbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNV
|
||||
BAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNl
|
||||
cnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4g
|
||||
S2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWC
|
||||
CQD+Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwFAYD
|
||||
VR0RBA0wC4IJbW9sa2VudGluMA0GCSqGSIb3DQEBCwUAA4IBAQBEUBCWZVQJ0am3
|
||||
sA9NUEVK7Kfr+xcVRL4OsXAsBddG7upZOpJS8ojlEYbCNFqUkih0tGvjMdHTTci/
|
||||
KmoaHVHKpMm7pG3DiW+vnGgFcO9pVakLLjAdpOjSpVPhUYKA236rHpCKm8WnbP3N
|
||||
bYlBeaKu+RsZgymYLobWw5feWLMKNLFzmu0qnhipe/qdDP6ctGju3nwtQEwh4r4Z
|
||||
7+uR4xEfVZraLw2x+7EwroMwu+8YZF5X3m+3ylgGBkopGiX1cUo5SoNE19hi6jEY
|
||||
K9HsTz5LsYJBdhB/fOSVKOY+4MOC2IfbVgpNrcwiBdF2CrnZCwg9NTTS5yWpauiq
|
||||
PePBcAAq
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIhT82G+86y3QCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECHY/+Su7BqkgBIIEyIyaJBc3qqTh
|
||||
pIhFPfRyyn8CKIS4czpHbPOAfO3CGm+Jhkv8x9xpgv22+lg2t8fp5Tbc5lDEdI9n
|
||||
WQaXiwtlgLTkh8h3HxMnz63nQ3Noh+GIVlowLz+mxGw3rjXyOKgmwdJc2RLijaM8
|
||||
Ug2E2Umx7PH6w78ILrt6edj6VapzGs8frlRYcB+w4eOnX3aDA+hIH5jkmKTiJF9o
|
||||
bX3OzscISbak6od/FqMj5SNXMDVQd00wpmOqx/BUPdUWgK+yKjr1OG7QtihsrkwQ
|
||||
Xwan+8OWUvlxWZbOgALWVKACZxgSQUxg9KUY6xZa/yYo2fgUjeaFd7eimi6cATER
|
||||
Zc/zW4Dueo5PxnKw3F4VK44QyL2817EdrUvTKFJKE9mPS1szBFdqhbsN7OO91ked
|
||||
rSzE84CijhuTuMZ58afQp/nueTSlswFl/MwftTJo6lRR6gNzoc3E2HL4fV+tYUdk
|
||||
oV4vb0HBLxbSX1vIG2pcST4V7VhTqXvGbKNqv0a1zFz1s+tK9cJV1OstTmqyIsSx
|
||||
MEM8AYNmwC7ww1sbdTYCPtoHlvlK9edgzA4ojbGGLVE84P7BSNrAQiTeanGYROZr
|
||||
yw4ZRAQOonv091+2sBQTVJkiuTu78yAxoVXWjCwhb3E1YX/h/5wmtViB0uRt9SOB
|
||||
zPi8qZWWHi8SLBBVQ2YTj6dotZN3Zy9SxbKn/p9AjoNMX4En/bvfZyMHcqKjfJUD
|
||||
tIXNQUOglMVRoJ4JR6legma9v+QCtptiDUHm+4Kw40zgHrL4UZbvf49a9itbz1Ti
|
||||
aiOzMBlpZGuv9D5HQrnxY6v4kWPlbvWHVLtPd335rOpNfCR9Mdp8ZDH4QpOkjWKY
|
||||
07JgaBt60mmzZwO7skUVJyiG8MC9k4BZ9OB08IQPMvKiLzGAYcUl8455tM98KBZ0
|
||||
oDCRsq+/osDuCusJo+cRkIuhoMkEL1AkrNYZNbZnxJH7O9loFxwyzkAphcKFDsKf
|
||||
eFl1I/k5aMmWEzMrosoVfaSe1Q71EZOpE4AM97/whTAl1ZyI25yKtvcdmhzTRO6c
|
||||
geuELG713eEP5F6HuCWwb4EL/7XeTH5fIXvOrrNlArTLf4oVceVC0oHntI6dqtly
|
||||
BKdkeaRMBmINWTIcSgf18b/+EVZf723IHJsnodyWw1AssXSfyxzw7e5L4H8isQI4
|
||||
AAUiZjU4O3xRWnuuz86ikcDWsZ4AQoWePOZvqr2kXqArLTG/EBXaR54cVHiQMr/z
|
||||
11C7lIJ1OuqnP1/aFbSti1tnbiGK24LpJAW0ycvcj4JBLNxd3KlQs6yjtpLExjtn
|
||||
MbUArEROdJnJmmQ1kuTZII87vnhkmzB6EQslqfXKCpDc9w7WGv7Yuqf2r7vOhuGG
|
||||
eIvtwX+sqzO29UKJNCxe14TMZpQpe6Oyewk4L5xUCLjNpd9qmm2Oc/At/N2k85Ct
|
||||
4BcWvNrpBklLgTR2+Hiiw3tS34pZ5VJdUlYHN0ZPbChqYIjeqhBQsYktoLAoVkDv
|
||||
p+w/DuErEV4S9SxhwMHHlMZXpQIGYs+aGaJiTgYmos6Wxgg3Pnz95pN3w7KUd+Ig
|
||||
5BL2d0ZfmC8Wm/h4RdGeZZYHmA4dl1n+8D6Pycm02f/LXNoylsbge4kvzOoV2U8J
|
||||
b0ZWRsYKxyssZP8ZWc6QZw==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
227
Kanzlei-Kiel/openvpn/client-configs/schaar.conf
Normal file
227
Kanzlei-Kiel/openvpn/client-configs/schaar.conf
Normal file
@ -0,0 +1,227 @@
|
||||
##############################################
|
||||
# Sample client-side OpenVPN 2.0 config file #
|
||||
# for connecting to multi-client server. #
|
||||
# #
|
||||
# This configuration can be used by multiple #
|
||||
# clients, however each client should have #
|
||||
# its own cert and key files. #
|
||||
# #
|
||||
# On Windows, you might want to rename this #
|
||||
# file so it has a .ovpn extension #
|
||||
##############################################
|
||||
|
||||
# Specify that we are a client and that we
|
||||
# will be pulling certain config file directives
|
||||
# from the server.
|
||||
client
|
||||
|
||||
# Use the same setting as you are using on
|
||||
# the server.
|
||||
# On most systems, the VPN will not function
|
||||
# unless you partially or fully disable
|
||||
# the firewall for the TUN/TAP interface.
|
||||
;dev tap
|
||||
dev tun
|
||||
|
||||
# Are we connecting to a TCP or
|
||||
# UDP server? Use the same setting as
|
||||
# on the server
|
||||
proto udp
|
||||
|
||||
# The hostname/IP and port of the server.
|
||||
# You can have multiple remote entries
|
||||
# to load balance between the servers.
|
||||
remote gw-ah.oopen.de 1194
|
||||
|
||||
topology subnet
|
||||
|
||||
# Keep trying indefinitely to resolve the
|
||||
# host name of the OpenVPN server. Very useful
|
||||
# on machines which are not permanently connected
|
||||
# to the internet such as laptops.
|
||||
resolv-retry infinite
|
||||
|
||||
# Most clients don't need to bind to
|
||||
# a specific local port number.
|
||||
nobind
|
||||
|
||||
# Try to preserve some state across restarts.
|
||||
persist-key
|
||||
persist-tun
|
||||
|
||||
# Server CA
|
||||
<ca>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDDCCA/SgAwIBAgIJAP5ZrV6+kAU+MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD
|
||||
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
|
||||
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEZMBcGA1UEAxMQ
|
||||
VlBOLUthbnpsZWktS2llbDEZMBcGA1UEKRMQVlBOIEthbnpsZWkgS2llbDEhMB8G
|
||||
CSqGSIb3DQEJARYSY2t1YnUtYWRtQG9vcGVuLmRlMB4XDTE3MDYyNzIzMDc1NloX
|
||||
DTQ5MDYyNzIzMDc1NlowgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4x
|
||||
DzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3
|
||||
b3JrIFNlcnZpY2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQp
|
||||
ExBWUE4gS2FuemxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29w
|
||||
ZW4uZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFxAf/gwUw+PD7
|
||||
xYRGHHmYzbjP/hl+cx60qwGZYbyitlIGIZ/0EjzSxyvL47EAB0gBHWuSofYD2L1d
|
||||
k9mYKLbBCAk+VdV+O1rPuE3DSc/T01vEEhlqYGfm6iTgKTLeIWFaPE4k5rNgGM+F
|
||||
A0LZXdWnH6/xj7Vp55UWl/G7/rzptKY9XTdBuV8pqFl1Cvs0dLlFG8JMyrl0ozEf
|
||||
w8cI8dyLsTSZWBEOEAaQQmwOE8WEPXwAhgXDzsQfXdMsKJlfMgM1nOlflux0AftE
|
||||
0Hi+jgTV9uvcjssOetpyf7fmsjvLwsoEIrgZcYK9cUtpO/sAuvDIo/cgbV3SBNIP
|
||||
68jXrrmvAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUToIeFIHrm8hxLLEiaJC/7tnU
|
||||
/9QwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9ShgbqkgbcwgbQx
|
||||
CzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEP
|
||||
MA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRkwFwYD
|
||||
VQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2FuemxlaSBLaWVs
|
||||
MSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+Wa1evpAFPjAM
|
||||
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCxLfN8SL5ANfwfU0OKi0MH
|
||||
cXlk2czIC9pcfrMaVp6gWgUKEqmNAC7NOqv8rN+fHXmfQhQ58s7SDqEJgYlfpwyW
|
||||
mAIT6D72NN2z8t4iYhu48R1fV+Ml7g9LfCtSOpJXezpzylKvNKAQL7QYOYsfZN1N
|
||||
SCIDyf9Ub65GLDiWmi3nrOUBlYO0yFddJ3c1MtU3aUAucMZGGGwORtEswqVzMcw1
|
||||
ZbQppHcWiwJ4nFNmTC6d2nct1ELrv2ckaaPT+HazFHVtiqkQ2yoYQwoZhjZqOAPp
|
||||
uxIR5f7mS9PtugPSuvf4aftN+7DZq6otfTEmOoIoN0dznV60Jc8xTQkzHuNRjwVi
|
||||
-----END CERTIFICATE-----
|
||||
</ca>
|
||||
|
||||
# Client Certificate
|
||||
<cert>
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFbDCCBFSgAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBtDELMAkGA1UEBhMCREUx
|
||||
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
|
||||
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMTEFZQTi1LYW56
|
||||
bGVpLUtpZWwxGTAXBgNVBCkTEFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0B
|
||||
CQEWEmNrdWJ1LWFkbUBvb3Blbi5kZTAeFw0xODA2MTkyMTQwMjFaFw0zODA2MTky
|
||||
MTQwMjFaMIG7MQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQH
|
||||
EwZCZXJsaW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2
|
||||
aWNlczEgMB4GA1UEAxMXVlBOLUthbnpsZWktS2llbC1zY2hhYXIxGTAXBgNVBCkT
|
||||
EFZQTiBLYW56bGVpIEtpZWwxITAfBgkqhkiG9w0BCQEWEmNrdWJ1LWFkbUBvb3Bl
|
||||
bi5kZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKAl9KwrJEY48kbO
|
||||
XtG6vxGxp8AnOZe6iFym+KACyXX0rlJckTiFrptKl4CGTdrcz/7T2F51g1ZLHkI9
|
||||
VQ2aLDB+Ucjou0WZwvJ2UeigYlt8LUSReM7qC5rcoZCHTgKDUGUr/+8Ste7nYYGJ
|
||||
I/a5VDvdCdB8o8Y/++3qRpLhaMluETAaLj3P8cGBvt7fceP0vqL6UJ916olD2bWT
|
||||
ZxD7LIuyhCRz47MZzrkUxQmP3HN6PI6Hxpe+4tzt1GWrQnmwGCyVs6rEuZEXe/GP
|
||||
vfD1WRJ6iFwJdhmpfGeGD2XVXqioYM7Epb5xxZy5TBuBoDvuWZAbfhmgvh7zXCJ9
|
||||
cKab3JsCAwEAAaOCAX4wggF6MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVh
|
||||
c3ktUlNBIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUt2SyE3NU4JQt
|
||||
Kj2PEgqCG9cXpnEwgekGA1UdIwSB4TCB3oAUToIeFIHrm8hxLLEiaJC/7tnU/9Sh
|
||||
gbqkgbcwgbQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcT
|
||||
BkJlcmxpbjEPMA0GA1UEChMGTy5PUEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZp
|
||||
Y2VzMRkwFwYDVQQDExBWUE4tS2FuemxlaS1LaWVsMRkwFwYDVQQpExBWUE4gS2Fu
|
||||
emxlaSBLaWVsMSEwHwYJKoZIhvcNAQkBFhJja3VidS1hZG1Ab29wZW4uZGWCCQD+
|
||||
Wa1evpAFPjATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0R
|
||||
BAowCIIGc2NoYWFyMA0GCSqGSIb3DQEBCwUAA4IBAQCUdZ5sr8Dlw9MXPAH6Fc6u
|
||||
N9+0MHocHA6gqL39wvnyVvz/K5eoGiUSoXFags4wVj8gXt0ydpq893GR8DhTKH7O
|
||||
aSg84wvzrTfWIxYH98JCEpMgVXKuZzHLgRgeiwTg5LeRrT5xGwowpBy6wjthCUjE
|
||||
jSRVB1B3HuE6dYNIJSnRd2Amv+YNoXJUwShYr7zy3WWaR/GkEP/LeMn1EzvkWqQP
|
||||
pdh4Xg7ni7lh3+Fyt1879d665qlwWGg8QhHyw7Bu1X8mmZ2R05f0YFZkV99ILSEY
|
||||
Ab55w/w+T/7RzfNxE1926av0GHhAMr6ybXKxABf1t33Sa9RGZizTY/Lw635l/lqq
|
||||
-----END CERTIFICATE-----
|
||||
</cert>
|
||||
|
||||
# Client Key
|
||||
<key>
|
||||
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
||||
MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI1Veh57OJg/kCAggA
|
||||
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIGb91ZmXtibBIIEyNonyB+eF+2I
|
||||
NwQeNXzcqL/jiPNiTN6Wk6VD6OUeDejhXXgoVAC3x8fs+HPMdMqAQCR4gXlCJMCd
|
||||
W0Jse3QvmH+46KkV6vTLaNV59lZonZIod4lp8J4PQqH8+s6o8SJ9sPypx7C9AbZf
|
||||
Y+Ibrv6lp4BRu8vL8e5PAUoltv/1NlxDyxALxJzO/wAFOQRNGtjWcSBPKDPXURR5
|
||||
DGhz/Ody/5LilOpC57KmphlCD4Mx4w94NalsBibE0aumT7I9wKeyHKrkq4sJBUHs
|
||||
/M22S0blCfXhcvf8bQc1+FzsBWp1+UtRTgEJuiwFRKLK4APxvmXsXpaDBOM02F4K
|
||||
a1ZFiQtrJLCLPfShV9/DL6rzX/bP/p0kwpx7valpW/nFA/iCRuyNA3isaB+NC9Lm
|
||||
XaOPETsxPMxS/BsFDiMvryeDC8KEuuAa/WEizq9Z0xWYKvOYgan1HKoWvRvzmiC2
|
||||
7txnrPK/axiwlha1jMZxTaHCGy6b6w08gz6ss+U1vPT4Qb0fK4Ovnbs8zh1/U8AS
|
||||
z7kDsLRoxfSUynkYSYJjaJRysqe4YcDCcUisyDRYIQrRYgZk3h2pev1aell91F9R
|
||||
LgHJ9mWECqB5xni80B/MpPiF/gWqTb316iPse1g+Bp/dAGl1tDHppUl5Z9/wqdMM
|
||||
9ULtJOZm3EYfgOHNFvpDwNlLFEAB07PO4+oMByL890Ym3tcaoCt+d3fx4jmmaJqA
|
||||
qqD2Wd+f8628gbhsbGq0Mex2DqAiOig96X9awcknZrs7EQIFvR9cK0wl4uEt8FuF
|
||||
5tBPPY8Tsjm3jphOw0WBe/E4DuFnQsnNcsKmEOTOn8125UkQbPhlPqCOBMlcw5aK
|
||||
L7b3ikd79zFTdWgSAao9Sf9/xhHNwsK7IBE32gXO6qD61AnOQgihKzi/ZV2Tp90P
|
||||
w6I3EZ5oP3BNnPp9l6nvGYe0HnkNqUigcuP0w28M3wj+nX+cFVZD++3uTh7xOJM6
|
||||
+br+TBQ4HDZ324PqiMXF45KCRvUrQ0ubRa9QxaXGVxpA9Rn8L+nqPkGocrrg1tb8
|
||||
eeVYxLyQeQqsDBjO7w7rDL1ZHra72we78/3BkMS5gv2tQoAqPhAEv/43J2hyp3cR
|
||||
0crZ8elxduaYXscDob56mYyBaDjWaOeKbGrm76yB10leEmN9MeHI7kQVur8/J/cI
|
||||
GjK00zp7dY4/WorFxPFuSFQjeDnvI2bLlqdYaX9d35lLr7s4TYlAXM47+j9QzyMp
|
||||
Maos/5/uUTkoyKiZbdzE0QoLlGqqoFGCWA6TgpPZHW3uXmf4gU9EQzTVHPcI6h9B
|
||||
2APQiECFvDPTHtlDaU0f8b14k3KV4KBEBiFCa7yBnVCGOt74tz//cPOft1Jf5vph
|
||||
QRhgNBw3l6rivM1QnMIKFuM9gqC4xcS6By+2+Ia4Ddo+SIEvDLEHtMs/DnheVkNi
|
||||
e0TAiruK58J5nvdXf9h91WdqPhQAU4BRGzwtVX0yE8D6nSCvUZfaLT4tukr9kt0H
|
||||
393u4t1/ruz4hpe4vCngnKDfSk/kbMbXF/XaDzytTO5AoA68CgS5pvhGpmRzVptk
|
||||
aHglm1S5S3yCB0+ye2jDTBnckUIs+XXy8Uej6fJBon25HD4hyiVPIXkwOB78mhjv
|
||||
AQwv/QUSTX4l1owOvSvW4g==
|
||||
-----END ENCRYPTED PRIVATE KEY-----
|
||||
</key>
|
||||
|
||||
# Verify server certificate by checking
|
||||
# that the certicate has the nsCertType
|
||||
# field set to "server". This is an
|
||||
# important precaution to protect against
|
||||
# a potential attack discussed here:
|
||||
# http://openvpn.net/howto.html#mitm
|
||||
#
|
||||
# To use this feature, you will need to generate
|
||||
# your server certificates with the nsCertType
|
||||
# field set to "server". The build-key-server
|
||||
# script in the easy-rsa folder will do this.
|
||||
#
|
||||
# Note!
|
||||
# The option "ns-cert-type" has been deprecated since
|
||||
# version 2.4 and will be removed from later distributions.
|
||||
#
|
||||
# Use the modern equivalent "remote-cert-tls"
|
||||
#
|
||||
;ns-cert-type server
|
||||
remote-cert-tls server
|
||||
|
||||
# If a tls-auth key is used on the server
|
||||
# then every client must also have the key.
|
||||
#
|
||||
# Don't forget to set the 'key-direction' Parameter if using
|
||||
# Inline Key. Usualy , sever has key direction '0', while client
|
||||
# has ke direction '1'.
|
||||
#
|
||||
key-direction 1
|
||||
<tls-auth>
|
||||
-----BEGIN OpenVPN Static key V1-----
|
||||
36188fa3977457d267ecae99373870f5
|
||||
ef6e44a8899d4f5ccc831e9d2dbc31ac
|
||||
e171c7e8e49e0d2edd43c3834a2d0099
|
||||
236aa4924c80971b0a34310eb69b70e2
|
||||
fbe85a7395cc10bea13ad09efa46d738
|
||||
f594c332d26c068b289ba96bbb1f661d
|
||||
efb873b76137057a62b4e27b522cfce6
|
||||
aef7ea67ec2540b00b4782780352addf
|
||||
2f7722d1edd40a8f3de3b0295e2da07e
|
||||
b46d196a4cbfd85e47739dc320af6584
|
||||
eb960e2c5ba27bf2f56381f8eb3ceaf7
|
||||
cc72d829ab05aaca6fbb205b78606ff8
|
||||
cc58bc336adb644adfb0034f9974b7d9
|
||||
f2b1308249cd74ecb555a550af6af1ad
|
||||
b15a3f03ecef5f89fa70d2fada97a1b8
|
||||
6179b0d487a6e3196209d053597a7416
|
||||
-----END OpenVPN Static key V1-----
|
||||
</tls-auth>
|
||||
|
||||
# Select a cryptographic cipher.
|
||||
# If the cipher option is used on the server
|
||||
# then you must also specify it here.
|
||||
;cipher BF-CBC # Blowfish (default)
|
||||
;cipher AES-128-CBC # AES
|
||||
;cipher DES-EDE3-CBC # Triple-DES
|
||||
cipher AES-256-CBC
|
||||
|
||||
# Enable compression on the VPN link.
|
||||
# Don't enable this unless it is also
|
||||
# enabled in the server config file.
|
||||
;comp-lzo
|
||||
comp-lzo
|
||||
|
||||
# Verbosity level.
|
||||
# 0 -- quiet except for fatal errors.
|
||||
# 1 -- mostly quiet, but display non-fatal network errors.
|
||||
# 3 -- medium output, good for normal operation.
|
||||
# 9 -- verbose, good for troubleshooting
|
||||
verb 1
|
||||
|
||||
# Setting 'pull' on the client takes care to get the 'push' durectives
|
||||
# from the server
|
||||
pull
|
||||
Reference in New Issue
Block a user