o.open/Office_Networks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1c4c595cd6
Office_Networks/CKUBU/openvpn/home-ckubu/chris.conf.sample
Christoph 1c4c595cd6 Initial commit
2018-05-08 03:01:03 +02:00

259 lines
12 KiB
Plaintext
Raw Blame History

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote ckubu.homelinux.org 1194
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG4jCCBMqgAwIBAgIJAJJFyNRqWYU3MA0GCSqGSIb3DQEBCwUAMIGmMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczETMBEGA1UEAxMK
SE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqGSIb3DQEJARYQ
c3VwcG9ydEBvb3Blbi5kZTAeFw0xNzA4MDkxNDAxNDRaFw00OTA4MDkxNDAxNDRa
MIGmMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJs
aW4xDzANBgNVBAoTBk8uT1BFTjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczET
MBEGA1UEAxMKSE9NRS1DS1VCVTETMBEGA1UEKRMKSE9NRS1DS1VCVTEfMB0GCSqG
SIb3DQEJARYQc3VwcG9ydEBvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBALae3zg7UYlmziw+LCYVg65H+lKNOcj/JArsL2MOnYEcmrePLI4e
GWRppLVpxKeG9kIpfVglfqRDdEY9eOFguJs+MsKwwRi2LzY1rCjDazCjTnQ0L0Zj
1RqJT1LqaEkzLv0cAWxza67K/n6vMaXxQ59jNAW/bOik1SogHiwrT78f2e+Zu3K8
tqkuuDwtwbU0jzL+m+IuHNVl1CTcAIZRmFbdxpWfi5pocrbOIlCwXbUP8ltp/E/t
xLKQqBP3ccgFwPuCGZBymUcpRdMgiDwifYnZK3H4STLSDN4b6K1PclKh46QuxDv2
egap+vctIKJRLguAPqRVjSoYK5UXUcZC+R6t8rHvxDGLwvk3IPeEI9z5bCvnm8cw
0e4/dr1EDjtwHXtw8X6DDf2biNmq4edCRxrgyQKwSOAsC4MhzFNPM112N1nJNrpR
nXNCKRNGF4MdI/zFqRLraafk0eT6yP9/6lmoQDJsjhUH/ziOB+cPS4XmUI/XwMF5
c56mD49gdG4ZivDtJeGcdZ4TSbD/lvc3yI1ECgouFPcBAJHwendA29xYMmuj4oCP
stW7N8HARZWzfwIdbB/HHupHIZ1HV4ACY0H7Sju6SMFxWi09dl92BYG9rhMW/M6A
+k7WxW0IEqZyQgen3fTRw97GJXaLM+anwwl89c6trOaME1ql/w91lAInAgMBAAGj
ggEPMIIBCzAdBgNVHQ4EFgQUXaBXd/nJzd6Iqb7Q+/D8ihm1nfAwgdsGA1UdIwSB
0zCB0IAUXaBXd/nJzd6Iqb7Q+/D8ihm1nfChgaykgakwgaYxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGTy5P
UEVOMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRMwEQYDVQQDEwpIT01FLUNL
VUJVMRMwEQYDVQQpEwpIT01FLUNLVUJVMR8wHQYJKoZIhvcNAQkBFhBzdXBwb3J0
QG9vcGVuLmRlggkAkkXI1GpZhTcwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsF
AAOCAgEAquNynEChfqP/lTY48YE3xhDycq0YF0WimD5NzKPgrCIP/1x3lyufzoiz
8DrqVZ61LKdJUJMcWRmyqiXS3WZFX9X7ktZvmf37E7JUvorSuF21PMm9Oj0yUsUX
y0AFUiH3fpNhCMxYiCqS85wWBy1+/6np1RodihGTPcLwAGLIVGEklyffyamQ2i2E
TZwZrZJrmLyzsdn4PT3vJyfAUUbcpgf32zjEZCCozlSdisZi8cn2pL7y1pcXA5Oi
gvLhDNntYTKcE1JjWqa/989JJgvvYD2fgCo+DkPw6i/Dic0UAZypHLKqiCc4f3Pc
GqtaY7nxQjMSGVnMjEn2yzyFtXep4lXn16Nh8ZnGbEk3dqCIBS2xzjcUs6YRdyMb
b2JIflNuI4Wrqx5CTyMM7lSNapZRPiP7Qw4xyq+og1TABJuc+9A3Pj/R/oztoHim
9p1zCM4m3tEBUCkYxet87BojVn4MQ37pees1Xi4oAFHqU5mCwpakO6rVOt4Y4vyZ
K4eF0w3NoRl+z4tbDFh+RjUj5tChKcMxaSitCsD0GGvd0nlO550tbxjMZlchpLhP
xG+rcU6098AdwAIjESyYfowVhHT+BDTefXphSYMz0ImaiBzbGwEmpce7sD1bYFSn
Wer/Kh24vsIIxcO2PNEKvQbO/I7YD4Yjk4pVGTUgD54LLX7k+7U=
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHQDCCBSigAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZPLk9Q
RU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMTCkhPTUUtQ0tV
QlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEWEHN1cHBvcnRA
b29wZW4uZGUwHhcNMTcwODA5MTU1MzI1WhcNMzcwODA5MTU1MzI1WjCBrDELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxGTAXBgNVBAMT
EEhPTUUtQ0tVQlUtY2hyaXMxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG
9w0BCQEWEHN1cHBvcnRAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
ggIKAoICAQDA5DrGxKOrIDkG6bN41khikTnVEWmg35qFA1OkbezVg8e0tuhAhDqh
ugWUbbKJAj/KIwQS1z/8yNfkb5GKNEJYCnUvuvnxc/AKJ1c5DrijeRm5PHyXs7sn
RFm+EOB5G+czct5JEfTUkVsftSZboLhQ+GESNB4DJj7cZX5Eb3CQQm60a4cBMzEa
r9W7LyWBQEHcuY3oI6s/R9g72QGJaNQWJklBT4TOcnz3nvs5/SYvvxVsykqDD8ii
9SzqA3zuvBoTUHFaw7YfoBkclQ5ziV0iNYUXb937DArbvnhNbDxb9EjBCmJxZ8Uh
ryVIyLnSvtLgar3I/eHFeJEhxwdhmNuYR1tLKjkVLFb6rTWZiizRUSUnidNHXbu1
K/FbOsurd3ZRLMttZNTc1kNdXy3JDUToy9rZOUpoRbfY1UnCNN2tWNB+U6wYgAUn
V1bZhWnUdX1stP96G3kIjff1LvfcheevgaLDNFDAtgRwYjawP/uXdybmQAIO6UQr
jLfA2958sGEKWrB1Pgy8kmvXE3xGajNDTP3UNFIJsc6/nE7DaA8VTuVW0ypgNSwS
uvI4HJnbxV9YDCozojOVjN4ICyqDtBabKbuZ6C2lvrMsKMrvUTkdVei5YJELHH6f
qT0Wvgt+YjGmu9LuG44v2lKWqw0oxsnnhElcmMyuimrWiWH0FsflJQIDAQABo4IB
bzCCAWswCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJh
dGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBSZ3aK5+DrQI6Jqd/Rr85dJ25MefzCB
2wYDVR0jBIHTMIHQgBRdoFd3+cnN3oipvtD78PyKGbWd8KGBrKSBqTCBpjELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZPLk9QRU4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEzARBgNVBAMT
CkhPTUUtQ0tVQlUxEzARBgNVBCkTCkhPTUUtQ0tVQlUxHzAdBgkqhkiG9w0BCQEW
EHN1cHBvcnRAb29wZW4uZGWCCQCSRcjUalmFNzATBgNVHSUEDDAKBggrBgEFBQcD
AjALBgNVHQ8EBAMCB4AwEAYDVR0RBAkwB4IFY2hyaXMwDQYJKoZIhvcNAQELBQAD
ggIBAKh8doaLAtydm7PEcC7QAP5Uc3TNqCpfNCDApfjLpl7rdKrgAnmeV9kQ3IVq
AAeyl2vuctEbcsX8/oNYEJFuUIwNf4mFDdp1Ifq8/ieCw2KLDU3zYH8sKQDTZHwT
w6xuXocuVQ5mcwwjP7ERmYXUnnnHAOgSvjgXBBtNV8tAYGCLDkjGvcUZ0oNVBgAx
Xoewhmd+1Oozr9I0YH1EhEDECVTbivb0So+2ZbEjmOXhSlJdgdi2MO96dsEOuMjH
KMVTqBhMNtBOHXtDbfZC2NwzO5RcAV9FeWkHj6oaWIEl7RTiw52gMTygbx6ezZT/
2fKq7TrY8fuRWLmQ77+TwIkT2oyr7DjJ9s+kY3AU7XKAZHTUbhGlqKsWUiV/3+5f
S1v/4hjtuAA3JPOToBcEn9YAR2djavYIRM82YbRByHvrJZkCEnfOs57Wv5XZGKLK
J4ph1ikT+lLBVczZVB14Elz6Vz0/CHlT2Q6/MtENpLyJop6uVCTmpIiKcfF+kuR3
/f8pdXOzGc1nOwT3g75A+D70nWaXULZUBlRKJ3FZCo+Ecx73YRhU82frDL9+jYiw
ui8IfDjmAQIqFivcHYLizZtpJhrqa7oG7MY80lfsHTPnUU/jkdRBYBzGk3yrFXpE
KN1k61XVk3Iv9lDA/Oa9/Q85eSmj8a49ZQ+GLsTaOx7eBi8j
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIQu1w1fZPHpMCAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECFN1kcfwGMq/BIIJSDyJVQRMO58N
9RxwtPDyai8u6aTPghUdUdTAxnVXw/lDSJ0mJbSRm9Q6D7t/+JS+/wGAldmoZUHp
a/jVAOtSwplaO0RnsHXtYA5QxrjrsrDdMXIQuwFOHIu1x8n/fE1mUnQ3ca9Q9wwR
qFj+/oDNw7eYHrps0k/WNVlo83GCa9LUX9bXHFNhPXDm5RGFHhBT9cMPmXByii7J
j+7MVCiOSgi4alMPGgNezDVBzJvWip3GzTH7ivxLZOl9ETQ1GpmaMS//9BLoO+2H
ckghogZ94Nxq6NFRXH/618PKFzahcnBbqpuIbo0wzpx6WS64hsHUwnqXFlTzTeXs
1Kkg8uT/hy7iMkGTQsdOqsHweUR8KoUbQCeHt5oB8xUkDBrjIRSxCwkfnIs6fsWW
EEoRUCM4cjbmX4Owb4ywbRzbJPjubkNs2b3GKo84b6Z9lS/02VP9GjB6n8hDx7b/
gB1fcRPLpzdNFq5hI2twKZw7XiXU6CeG5FrZcDdsOgaEsDXbEkGMAnBOyUkusmSi
7McHm8BHYs6JynQon7577W2cuw4WAlu1fmnToXBlB+zivn7C0ywM8/V7ZAFMXH3P
BO//emkfZ2CbBj4tjqq/X4vYLVYwTgjeOuE16w7QORfGAQH3/g84nHGKmRGQmf8C
XK3zC3ybOkoXzrMmOfFRqVkWLI9NYSFXypd4rXPOdIT/PPxHzoZV9Zhlb+fobNy1
yt2ProN/eHecTgJzthizNpbp0vexQSnEfjbgn8KEiEBcHm7cYbcWxM7bJtf2VgdK
lSa4H6xX3bndC8avZX3tYdGda83p0NA34cT0V3zzSCiBXbSEysfCoEGpT3fgVxrO
gc00qgief0oNdTeO8qnGjgc4SgsxH1yzoFsLsZ/JoHfeap/AIO2axCyxf1yPOrsv
lTUJPWhi8Hda+1iaHElSFsKBLBMnty6mGh9J2b5JpmGCbjOKg35G9G0gZPbo7hP1
Wfte5bXq+Ur+7sfS+cj5DS+04p4xygI1djc3vRk+QJxd5z6gjKuJVIpK/+qRTzP/
6vtnE/59xFGmxKZsgVW5ZTMM0e0eUneST4h1ciCAmqdXsTAIoLuTXi4gkf/P85Ye
7NoiPc6SamqktvUxDTP6nGP906LhnNxjhjswhhi33aBXLKLLbNKm4aT8bBm+DISh
KRa3qK97Q2GwEpYp6xticBa5FNHFPhLWBzB9Acms77lRQ+V/d1qZ+EBnaq3zv4tH
3zSfhimNyhWSvbl08Nr7OSWJIYQzpHKiUpqypoWmrBCpnBDSdug3h+qXf99RnQSJ
5xGe87H3v8xSub+f3uZMf8S9LxQuWDv+bGUfxXla/234duO8E4CcOBbiMdI1khcO
XPSKvqEuwdnZfDNvxQq8u5R83zI/zMh+/KI8bjo3qe7O5TVUpxb6YFM74KuGLZTW
EPWTJereXtVQYC+dHl2An41RKO4+4wXFPf9etILMwCtvPrnYompz9l2lEKfA7WOP
uSFH42JayyhaTjvXsdPPQbeZpCKeJqsESclF5LfXxLwPAnfRWlEVXEht+j85Q0oX
UUhzS44LqEGzrFgot1vp3au+7PsxyRBCg96us6E8z151/VxX1R+lrmaUEQweh2lv
tn1ZAXksB7AisUu3Uw1nz5JMhn0tX3/NKKyQLHwwcrlH51Bxrzhlrpc0SsKbpjcE
4r7eiT01S9njVOIPJVaHd/KvdyhNXViKMW2uF7dc8viYPjM3xnEnp3Cp0BFnjEBL
wjAcxhaAvwUg0TG7s3IM5RiqOsUCmRYN7n/hJdZF7/5qtwkIB+5BJ+ow4AdPSdym
AX8ukmiBjhvgQq8EAlDreQeWVXtAY8HcHkU6KjIoFVoiLCqrwTVSmxSXfLRuw2NG
cRdnGvoZ6LxF69ocap7kgulT3haUid5w9FFEuzDJtW8bdTlqCqgUdaukLN3mOjEj
C+3ynprAD0JjcU+4Q8ZGX5Ozaxx0o/dN2BaTnj872434V0XSUcsdlssbVoFfQe1Q
7ftu05xbSTpQi+aj+BqDltwHezifev2UpRFMENqIkpSl/jKtdbaapBk1uxxDDnX+
a6m0b7ykrVe18TjiiSsGGf0TTuwvcJW6bmh08Eg+NitDl5HPHabLUY8lornzbw68
+0C/wVllFiX4WGMJ33FztI6/DZdIa/tTEEYQKn+WDaPVwKFp0j3kzfUBj9zHDC0J
YJbuQJ/nq52rqADqbEBlNv2DYwWgAA2znk2yL0mUT9IwegE6nw9/X97zr5tgtkni
PPP+MI/H4seURLnkyr2v//0niLPAXwiru9g5omMbWYn78va3GcaAWvypRb2VMyX4
Ve4rb2gdXioM93T2umZbAph0GtjZ/jSnKobq46xl4wuxqQ2qRWDlb7I1Eda/Hn1O
oFBlJ8T7yaBWLsMHJW76lWIov05fYRRNQvrOPB7+Jz/TxhAGF75GZzLbN82jCaRd
jJCbfdc/DCYSNAkCuLcDn00BGxYCQ70Mu0LVG0wrnyMIg1JXK5oTZkdsNPml9Mij
CsNLf3Wh60iX9qWt3rdSppO6mCJKmWIfyTS3tfxB3NE+/M37KtrCK76fhFEfYfHm
7xhqzsq1j5e1DXxhrqtQZPTqAuOLjbQzsTAyFFJJKz1aZk1dOFFrj9hmsIEwBUe/
6zrX+oPk1aEmT4qGb29DMn69ruUlcZQ+5kIBGMXPsnBV7TEm30HE8QGnVWUOlIZ6
1etXLSJsmCEkV81N4JZyNDGONzvuqGnoDMeEE8d9EnztwGIEUD2lLmiWg3PKsvgg
/dWjirUdVRVwb7YTZL3NsWn11TehCMxUFSXDYMVWcRTaYLqMNLDlZL1zAj3YRzDV
1iGR7s+Jw5VkGZrSqSPuRW4dBjr8JulHimKhRCZw/cIzl9EXISsVRP/gFEc3OvEl
TrpE8hsvOrKd5wWziJjJ0YXHTjXKoYjeD1Cg95oZII3iEJ6d3k80p73QHcC89kyF
U5KG3WtaGrDmS/aw7UpNJQI6UuMSli8bsvmTO/ko/YEKlN75YD4doxuHAYz1s2UB
Ii6EFbLrhG/Lk1VP7AxTSyiFSY3iS1l92fvv72BI5J7G6Okk66BWvdNUFH8crEXJ
woiQ5eUk2Mv756C4fCIPmgv3zv7T71r3L5mc6hQ4MEuVHDfSvFfiRd2w2z/5WjKy
JY+xOBY3LmvpvhogMLpFhQ==
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-serve
ns-cert-type server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
1c8b2c0960c29ba0f8b85d20cf7654a3
2429c0a7e6c898f834473377846b349b
e5070fadf83aa6f2143ddedd5fed69b8
6b4303181d4cf8b130777033982585fa
24796676d2c096db93d8ec0bf221a33f
974c554b7173faaa46badec409713525
927fdabb473a3e24d309983c858b1b7c
7ea88198f4f01d1a5c2fb6920a1dcd4b
d1a3918e736899803896aa1d43ad131d
996e9f78bcc1faccb83276e65ca43626
c4b0de36dfaff3be40276a0126d15690
bf7c3baca7d51d4ed78efb8248d6e3c1
43fb2424ed1b31e7a2cb14506a3d5fd2
3f3f58ee93eb615044fb6d0d345095c8
c0c5551065d416d1b6781d8436f8afb9
2f34aef585ba7ec0a977386b3a3b9c0d
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull
Reference in New Issue View Git Blame Copy Permalink