X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fluci.git;a=blobdiff_plain;f=applications%2Fluci-openvpn%2Froot%2Fetc%2Fconfig%2Fopenvpn_recipes;h=1b394dffbc19984565f33366b0cbe9b5c2d3663d;hp=69cff8045a9118082b8be8ad192bde880be05b3c;hb=7d9283845820ce40352a7530ae8499feca72dc46;hpb=f2530c711356bff0424457a8efaf0ff46b299f9e

diff --git a/applications/luci-openvpn/root/etc/config/openvpn_recipes b/applications/luci-openvpn/root/etc/config/openvpn_recipes
index 69cff8045..1b394dffb 100644
--- a/applications/luci-openvpn/root/etc/config/openvpn_recipes
+++ b/applications/luci-openvpn/root/etc/config/openvpn_recipes
@@ -2,94 +2,101 @@
 # Routed point-to-point server
 #
 config openvpn_recipe server_tun_ptp
-	option _description	"Simple server configuration for a routed point-to-point VPN"
-	option _role		"server"
+	option _description		"Simple server configuration for a routed point-to-point VPN"
+	option _role			"server"
 	option dev			"tun"
-	option port			"1194"
-	option ifconfig		"10.0.0.1 10.0.0.2"
-	option secret		"shared-secret.key"
+	option ifconfig			"10.0.0.1 10.0.0.2"
+	option secret			"shared-secret.key"
+	option keepalive		"10 60"
+	option comp_lzo			"yes"
+	option verb			"3"
+        option mssfix			"1420"
 
 #
 # Routed point-to-point client
 #
 config openvpn_recipe client_tun_ptp
-	option _description	"Simple client configuration for a routed point-to-point VPN"
-	option _role		"client"
+	option _description		"Simple client configuration for a routed point-to-point VPN"
+	option _role			"client"
 	option dev			"tun"
-	option remote 		"mypeer.dyndns.org"
-	option port 		"1194"
-	option ifconfig		"10.0.0.2 10.0.0.1"
-	option secret		"shared-secret.key"
-	option nobind		"1"
-
+	list   remote			"vpnserver.example.org"
+	option ifconfig			"10.0.0.2 10.0.0.1"
+	option secret			"shared-secret.key"
+	option nobind			"1"
+	option comp_lzo			"yes"
+	option verb			"3"
 
 #
 # Routed multi-client server
 #
 config openvpn_recipe server_tun
-	option _description	"Server configuration for a routed multi-client VPN"
-	option _role		"server"
+	option _description		"Server configuration for a routed multi-client VPN"
+	option _role			"server"
 	option dev			"tun"
-	option port			"1194"
-	option server		"10.0.100.0 255.255.255.0"
+	option server			"10.0.100.0 255.255.255.0"
 	option ca			"ca.crt"
-	option cert 		"server.crt"
+	option cert			"server.crt"
 	option key 			"server.key"
 	option dh 			"dh1024.pem"
-	option client_to_client	"1"
-	option keepalive	"10 120"
-	option comp_lzo		"1"
+	option keepalive		"10 60"
+	option comp_lzo			"yes"
+	option verb			"3"
+        option mssfix			"1420"
 
 #
 # Routed client
 #
 config openvpn_recipe client_tun
-	option _description	"Client configuration for a routed multi-client VPN"
-	option _role		"client"
-	option client		"1"
-	option dev 			"tun"
-	option remote		"vpnserver.example.org 1194"
-	option ca 			"ca.crt"
-	option cert			"my_client.crt"
-	option key 			"my_client.key"
-	option dh 			"dh1024.pem"
-	option ns_cert_type	"server"
-	option keepalive	"10 120"
-	option comp_lzo		"1"
-	option nobind		"1"
-
+	option _description		"Client configuration for a routed multi-client VPN"
+	option _role			"client"
+	option client			"1"
+	option dev			"tun"
+	list   remote			"vpnserver.example.org"
+	option pkcs12			"my_client.p12"
+	option remote_cert_tls		"server"
+	option comp_lzo			"yes"
+	option nobind			"1"
+	option persist_key		"1"
+	option persist_tun		"1"
+	option verb			"3"
+	option reneg_sec		"0"
+	option float			"1"
 
 #
 # Multi-client ethernet bridge server
 #
-config openvpn_recipe server_tun
-	option _description	"Server configuration for an ethernet bridge VPN"
-	option _role		"server"
+config openvpn_recipe server_tap_bridge
+	option _description		"Server configuration for an ethernet bridge VPN"
+	option _role			"server"
 	option dev			"tap"
-	option port			"1194"
-	option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
+	option server_bridge		"192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254"
 	option ca			"ca.crt"
-	option cert 		"server.crt"
+	option cert			"server.crt"
 	option key 			"server.key"
 	option dh 			"dh1024.pem"
-	option client_to_client	"1"
-	option keepalive	"10 120"
-	option comp_lzo		"1"
+	option keepalive		"10 60"
+	option comp_lzo			"yes"
+	option verb			"3"
+        option mssfix			"1420"
 
 #
 # Ethernet bridge client
 #
-config openvpn_recipe client_tun
-	option _description	"Client configuration for an ethernet bridge VPN"
-	option _role		"client"
-	option client		"1"
+config openvpn_recipe client_tap_bridge
+	option _description		"Client configuration for an ethernet bridge VPN"
+	option _role			"client"
+	option client			"1"
 	option dev 			"tap"
-	option remote		"vpnserver.example.org 1194"
+	list   remote			"vpnserver.example.org"
 	option ca 			"ca.crt"
 	option cert			"my_client.crt"
 	option key 			"my_client.key"
 	option dh 			"dh1024.pem"
-	option ns_cert_type	"server"
-	option keepalive	"10 120"
-	option comp_lzo		"1"
-	option nobind		"1"
+	option remote_cert_tls		"server"
+	option comp_lzo			"yes"
+	option nobind			"1"
+	option persist_key		"1"
+	option verb			"3"
+	option reneg_sec		"0"
+	option float			"1"
+