o.open/Office_Networks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a7d5b9623d
Office_Networks/CKUBU/openvpn/client-confs/ga-nh-gw/client-gw-ckubu.conf
Christoph 1c4c595cd6 Initial commit
2018-05-08 03:01:03 +02:00

271 lines
12 KiB
Plaintext
Raw Blame History

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server
proto udp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote ga-nh-gw-widsl.oopen.de 1195
topology subnet
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG2DCCBMCgAwIBAgIJAIfpECeVF6BJMA0GCSqGSIb3DQEBCwUAMIGiMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczESMBAGA1UEAxMJ
VlBOLUdBLU5IMRIwEAYDVQQpEwlWUE4gR0EtTkgxHTAbBgkqhkiG9w0BCQEWDmFy
Z3VzQG9vcGVuLmRlMCAXDTE4MDMwNzE4NTcwOVoYDzIwNTAwMzA3MTg1NzA5WjCB
ojELMAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGlu
MQ8wDQYDVQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEjAQ
BgNVBAMTCVZQTi1HQS1OSDESMBAGA1UEKRMJVlBOIEdBLU5IMR0wGwYJKoZIhvcN
AQkBFg5hcmd1c0Bvb3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBALlE1NE6tNFSDcmhjj9yyWXd1gXn7u3sk7r/gLyvUs1yIpmSKRlMJOh7kXUQ
AXiPsNavC6QFDMq1mFjIuhkNqpl8YC2NgWhfjsaxi4+oa8d+e0nr1Y0jHkLKOWvT
OqKHL2gqFeumOPNOQ1lyoiQzcBfgs28WLk+hfeqv4CPPrPRAXMv0C3jy73T+ZHr7
MCCxpNIcbKZO4vxaPWwi5pnBS7RTIB0OGOEgoWTpryjRiiJ7xuZCF8bQTfucS6fl
9sm2wuftifgU2S81bmrlQ7Wfkm2Xr/QaEKCS/nMhdju6UaC07/22SHGqaqT7eJrr
hk3psq7ecPRmMTj9neN/yYoDByWFUz7nhGmVnCXOO3Ct8KjSeH75W0vf9rCOwY+/
7YUz7ACiz0itjQlj+jdHqwvB3a97v/mf2WFVhbJ84dhUUeW9CmaebLAJMNIqccWX
VibBtG4g1mv9xm0oiIpyNW89Zo24cLXX46P6OAukwSPVnTcfyCxZo2g1EHVVk5oI
nti2sR+h6aabRR+rmPqym1R4rbPMZjDH3NNsazdINRBGkY2Igk36xYFLydrpUiKr
uidboUu/85wZr6xKu7QJYjliP1lkxFuIuzlGFCd41q3CgYPNKO3KPLAeTOzaa6yq
9alxtqs3z3ccOaXyjp/AsDiSsH8qoNKaMQEFyyQeRppNOkgJAgMBAAGjggELMIIB
BzAdBgNVHQ4EFgQUIhsBj9GmWfsTD+kHmHt1fFK3SR8wgdcGA1UdIwSBzzCBzIAU
IhsBj9GmWfsTD+kHmHt1fFK3SR+hgaikgaUwgaIxCzAJBgNVBAYTAkRFMQ8wDQYD
VQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5vcGVuMRkw
FwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRIwEAYDVQQDEwlWUE4tR0EtTkgxEjAQ
BgNVBCkTCVZQTiBHQS1OSDEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWC
CQCH6RAnlRegSTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBkQr2/
StSTSKY3Q3OfZzh3+Lqq5Hppk02N4WwwQ9d3c7TQowoHnI/a7llgAb9gu1sExL2p
9QSj+M4sEcSnouLUdnHDArrxJ78AHBGnPq4hHODChkrGFiqvw4yXsNcfhOdv6hrL
LO8OJJyenSnaWL/gCqKDCjdrsB28I65ancGWyBN55UKVGxDpQi14cT2ImSPQAIAy
Rlh7l6uZ8l9SRLtvnjZ7na4VL5JUsXYUIHqc9qUoRwF0At5UmnIPwXZvG0GgA15B
h36Cqf21WfoYZwdff52xwKyl3qjdt3h8tq3XuAqto8rk2Q0aawDgrC9tXJwKB3mo
EZVX1aAxmdDGKIQQzkoU6uR6tYum1H9XFci9QbBMhADLiE4ohn2ukjSV7Z47Cr3+
sClUbqxpfJFIGknSB0KZiFBsnnrB+ICDczPljyHoXbgDV4NvUnKFjzpnFfIhkSvR
ZOm9Qq51b+4XbmXX/+GlsxWYcM2WfkYRaJcRk12z/6Oi3udKB7omp3oI+ZGRvI3D
Rsq1cKwPFFO3EiyPI6GV8BdYTLZ51WSgHohV5rI9c6nre05AB+97kQDUj7jz62P2
ERZr5oWSViGniiQtgclFuMWY+VvuT3DDNtdRikMy3f59S0vslV2HkgLugXgu6RFL
keMwZh7pXr5MP/CUpGgsLMHd627uIuryVYbaLQ==
-----END CERTIFICATE-----
</ca>
# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHOjCCBSKgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEjAQBgNVBAMTCVZQTi1HQS1O
SDESMBAGA1UEKRMJVlBOIEdBLU5IMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bvb3Bl
bi5kZTAeFw0xODAzMDcyMTM0MTRaFw0zODAzMDcyMTM0MTRaMIGrMQswCQYDVQQG
EwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoT
Bm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEbMBkGA1UEAxMSVlBO
LUdBLU5ILWd3LWNrdWJ1MRIwEAYDVQQpEwlWUE4gR0EtTkgxHTAbBgkqhkiG9w0B
CQEWDmFyZ3VzQG9vcGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
AgEA3RJLZn4alzVmYVq47nEh8G3YHJ6j2m/5QDtOE1L2sYYVUNV6FvIlQEsX9aDW
S0ufoShyTeN3XjKXL/U88C7s1FK37Fo1l+jnsAhkxCraGeMxGrC1qhdo6lgRvDhV
tQjJR8teGtIN7iYK5jLDEq+0J1U5DS1ORVmOZ4b6TIjW8Z97zeiVQc3bsu8Jqdct
Tb3WKa9G57ZXN8eP4huyrXA1qsOWfkkrTPJoieuFcbqBZ5ylEQvPvgcUek90J0G/
6JKe0z1DTCEi5KxMv+ueWvrT2qFzGybEVWwRNmHzjQUEJAOhNGXsCEZoj1HjKpVz
xMdtQ9f7/6BWUUwOR+qfFMO4to8MbOZWdTjGU2jMlgB/KUzbmqgOFUhDxkBtpDwp
2vMaRu5Cu5vbMXjrjnV8r2NBO/5TUawzsXkNWMytRMHux2UOgMY8Yfzvl/owCI51
6YISg8C1z1VlGXiHYWtCOIb/J8kgtHRO0TyeX1oflXqGIvAexmcOQu82YiBKkqwm
LOMbHOaJ5bj4FUT84zl87gfePXJyCs0dyTY+y18+eUunx6xvirDxt2aAtwwbrKSI
KU7AxqkRm7hn9W0jdKDSFBfMEp5RP3IQRgUT1Ww4IW2YBWphCk3UIWt/xnozHUVo
xPQ6sj9xPBul/GuOPmDngyP6fIRdlrXR48nkDXd6DzzpUx0CAwEAAaOCAW4wggFq
MAkGA1UdEwQCMAAwLQYJYIZIAYb4QgENBCAWHkVhc3ktUlNBIEdlbmVyYXRlZCBD
ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU/RfN0H8Xjr2+04e2mjbz15uj0DswgdcGA1Ud
IwSBzzCBzIAUIhsBj9GmWfsTD+kHmHt1fFK3SR+hgaikgaUwgaIxCzAJBgNVBAYT
AkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMG
by5vcGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRIwEAYDVQQDEwlWUE4t
R0EtTkgxEjAQBgNVBCkTCVZQTiBHQS1OSDEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGWCCQCH6RAnlRegSTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8E
BAMCB4AwEwYDVR0RBAwwCoIIZ3ctY2t1YnUwDQYJKoZIhvcNAQELBQADggIBAJQ8
Nc99G3xd7HbOjLFELWdO1CnoGWH9fK1OsFpbAtNKmPKU8Rf9uXfgaeydRsjjpP66
CnPfzCSAG12fR665becRzWqCiDexBYvegS8H3VlL9ExlB6BYnRVfj2EpU/urzi+T
EPnTcnaFuqRjt0WAM3MqbV7aKNy+kGJDMO9d50QEKBcgCK2iYL7VZyPAj30K13n+
+/wHydJAmPK4aXXZ4cchg9RBl9lpIIGIO8Oz6xfr5BfhgJjramPjGLHpJ4Y1pGrh
R7VI4Jzkkeze1MRCOKmQ+GaUePdou0w/9C/k0e7Pv31erVGXDAtcXHJ2qzxZO9u5
ZctJ+Ap4IhOs++GjI9xpsEnoDuOrQFOK0qREAZ0nFkkxQI0vbxGx33lzWdCkjS9Q
K4V/V7QvYd6R9ZKYdfg2zROWelTfIRRw3+Qfa/FFGdi7lzLLukCX2UfY814cMOJz
Zz2XqwoRxpc+YvfNaWJdUucxm1KOUzOw1LHzvi1pSzF+j73USlPZWIXA8PSkPcTM
UXYZNzHtv9eI+a3s+FIzrSrk/AGeJSSC8fYKw/n8h8Vp/TsfIYlk5DveJyVZSV4B
4a+sm9k/Jh3WlR0XCxutajGrUcxlfPkYdpj1mA1/c+I2eWkMQlpyXK39iVMn12Bs
qGFRp7CLxAigMKutOthbSiD5kZrZxt6poFdV0AuA
-----END CERTIFICATE-----
</cert>
# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJjjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI1yL8hnrdSkUCAggA
MBQGCCqGSIb3DQMHBAhZy5GBL/4zwQSCCUiDbKR0EKOVYrvrjTQHSQjDeGFwS2FM
cDmu+aDi2oNHKjxk1DHevNDbnxksCws6HNQvclJwJ1jdwVcq44QcaotGEfw7z2B6
wi24lYxML5t3uGpMrP/QVhtNXrxi7JgPG+9A9JHh1WCihwYDm8XQjytFTP/KvPAJ
E4vEGvVLJk0xRHsfhTYj6s5vX60Oe1SURv1mlQBQGyEZYCoMVQGFFUnc+Q/uRo/o
sTTJCkDUJgil/OzmkVVwHmrs1gqfHFp3ywlav7bqf38ixO19Vydz+LvqyuvtxYyh
QFb8ZJJgTa6RvpDrgoLFQ5Ry7rjgWhzSLonQE6qYGM2gvWcNLmOGqv6wVyV/inYy
S+fKB+clGRFM8SITr48eEQbLEa2NN5woidfplSmacQtflxiMPu9SAbgKWSzZ8PAU
XyTcEt7tL3RAnfhXdCMWsWNlcATDOvWXj27VcJmgVp+jt0GFpBacxpW//fB6Yqy8
C1ogguXgrQPRe5FVmVZOFgnbK5phn3qmWsNgDR/r669Ro1b4P34pSVTQb+VG9000
cjwb785IvMk6zwl3jdKacOauiltc6H42FWUbnLy7u0TYUvDSTa8YsbNBB1kQYvlo
kMlMJLx3o9SjYjZjPELAPHFGY03h04nWih5Ov0ygVNi2Es5+GQmj4HCl2tAMEgDX
p3FE33b1Gobv7hJv9ode+R7lDfvciqBUsFSE+1lIvoeqM74RUDrtDEDlGY0MTpmB
78oooQV8F5JjEkkxKZOsucIyvl5m6ZK5/N4gbHkjG0LKvyUVsAOtENxvgFPC6/zz
Qm/IbgjCDxYAFzmdTZL0nR6VMQH7VSUBo8rLhWbswbGIXG23YDDur4Y5Qe5nR4bp
h1f60fO3ziFcP/nmkJUdtNowT7GoueKEahs2OT6ub+aBZwE5nCVc37XucP2s/9eR
9Bojti1Zf5c91lUgnfey+9P61mYkEVIweHcC4nc39MYhlRzWZsmoFh5j8gwvEh0i
9hb+wNfeFNH2LDCoxwtbhfBudJe3e9eCMcDyO302LPtpc+e3mGwsdKZuaMZ07lTf
0YYOOBQMVOOHEQWF0JuKHLaoqPtikPsgCnoRteBG5sHG18PVqJGlb+vijzUaY7Er
AkdjafXA9m6YOo5H3mae89ax4xNfCUlu9buAIOjsM2ISKGmfRzWmCEA8MfsESaP3
w6gducanrAP1sGspy21EDrQ49ElxpPC6aG74ic2F2vhJfdtd6kQU/Azax9nvCJIY
xUaHVOHPPmDd0aS3EJma/Q9z+av1pGQB4hRZY/E50p8VtV8cOp2kSgUra+amYl5b
wk4SokCgIz/cW6S0wkI+jd+uvGU4rgxgNlCGdDEP4HYjdrEb1b5aB0N+Gki5LEYl
42qFQ6BOXxRQkydEGvPDCY0888Kivm6IvoEj8E+7C5/LVG28XcoQZWTI6QLMloQQ
ZYcOYgjnvvMRs9wMbZrUrSYFZtLfNttWrIm4Z1lMCUmahM6CSMx2gYCBXbhMeEKV
dc9FwL9wfcRmvtz2Hh/+EmW4tzSiwr0OxVXhdeSLmnzpAMPJBKhj2jxNs8mhj/CO
PFSxVBB4SZlyzsuViheq89ImeGAELOWpFmKDpbdgpY8ng+QEb4TJhFEWoK29XXfe
0ePEykrlYFn64ZDuLhWlYC4XgILkj8sJFCYGUv0D2mTSXAoVRmmiglhBvDyjOxHC
wgU10rNuYrMARoSUqGwxcznEzsoFYfaP4BXaifTgMOP8qDcXF2gn1c36QxLYIsLO
mu5xCK60ysNINePqJb5slxHlgC3hlDovukuvW/AZGuDHJQMnaiViJh9xGc3uXGf1
0X9dSvNsbzrjch/pX5HKJg9UBFh6q3tR7dRmT4K/9++iB9mzLA3xFRDBFRzdl3P8
ixWVhMMFRNM8b4uvKv/smeRzbbGTDXOG7qr+Jei3zJlEQAvqXiG9xTtp/i0IQm69
KpM7QCGgJ2/HukvywHrwidsVQT2SCkq/wzSlg8pnal6skBK/ncVZPW7dqufT9Csi
Zi5deietR8XeAs9mKJv+FyWL2+q/wMn4PBdHDqVDHaCgrBCSyMTJke26ytb4XQwD
WuVLLlHMwwR+BbFIcAyq5CShfuCboJUJ+FXbzTpOWduLWbZaR/EhqrZbv+9cmCj6
Awu3akR3QkdQJ6gHj1cUeGPtA1RiItVmQlkuMEokFY8oIolCEbzhGd3zfjo27InC
uzGfQbuVo4D9xFNbgEE3lRG8yARp5NXgwiEF8QIwoS95qjZ4h9IQoKs18ap7QYsO
GM1CLLvhuHFFenM61/KitgbY8WOrQilRkw1lAyIyzeLDc2i/aL1dmumbvKjVjQAU
0BwRHO6HTtUtQKv0aH/J/p37I9HUEAhbuXDpJCg8uQa1rhe9Ebkc4GCNDrDXwOaa
OQdguRGZGOJwlRx+5GnVqAdyGKrtqIZsBAYTSwB5Itb/xRVcPv+c4cFIQDFfcau2
DMn8ejXCSIAAlR9MykeuMpg2jRxMDknYNqy6rtasJdHUZrSE6wuTLMpmLSb2IUBO
BIQIbA8+0dOZ95M+5LH1wu+2D1JhGPYQ2iW/PfPMeaKZvtrKCvmWGHA+a07duor5
YorAhCKWEYkpClpRlnQMBoqnZugivE9dhhl5IR3CZDYkQRq4kfnosT1p8aAMwCou
PZb7pQk5R/hBT40U8U/PbHMLBy4wNCkSigBZTA6zPc3QrOw7gFQ0asioNCmq0L+3
UiDQ4zD12y7bXdqSvQfYTnmZew4De9sCW2A25mkYIyPmdc8T9lw+03feCCcvJeUH
xKa+OtKYsLt8pGkj6J6/1n9fOzDX+ExXtAtbsFhYrMlJaZuOg3aD3eB/MW+HbYn5
iCloFAbOcAAn+hi+ZHCqHUot/bYLzKVxHRT6fDcU4O7Ae/ysHsG9HztlRTSjz+Ha
2H+arhs1M4gs0KsqSPWkOuBbTuTL23jsIINXlqPYbWfepwOTyHw0q+OZLm19badR
3ZWJEvcRHFEek0Dfq0BjnhiCcGKMppAGdRcKC/1k3KvYRtV/4sSaHZdQvmAH6kyD
D5c9U71rOgzJw+cRhlB8yEi1f0r5G0ih3btgtTZfZ4NYk47so9hm5E7+/SXkaGWd
/74UNEWXt4YB/vGgwYG8VDXD3+FsjQA+HX20wzS4Is0z2TUf7vQblNiSypFEWEB7
3Os=
-----END ENCRYPTED PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
#
;ns-cert-type server
remote-cert-tls server
# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
2465bfa0ca1b39fdae239633c579f730
7c1894c67cd8cd57107824be00af4ba6
77bb44be275b284684f1b0131cc6eb7a
8755ad6f5ffe282608733f6652c611f4
08f374e03ee93ce5d148a5c5b8d0a9ac
468136e0d5ef9718b9dee785fc514d7f
fe96e14977285b5a8c5cc27c0a864e68
44cdb07c51273b90c16f0fb2188228f3
808058fe88e5f51cbf5f802743ea8261
3fc042173bcedabe518ebd0295844f75
2dcb570c2bfd968513f4102b645113ef
7ce8d5086b47f4e10480c9e900c6e3ed
cff01982b7d910f795f014d4e7d44b1d
f5400b02c8d51383271c16f6b05a790e
a6e0f99603d6f4de67f34fe82f0dcf09
3b99102bae425ec22a98d1b074c27728
-----END OpenVPN Static key V1-----
</tls-auth>
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1
# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull
Reference in New Issue View Git Blame Copy Permalink