X-Git-Url: https://git.archive.openwrt.org/?a=blobdiff_plain;f=applications%2Fluci-openvpn%2Froot%2Fetc%2Fconfig%2Fopenvpn_recipes;h=50e328af5b9f8d7840a8d17279cfa51f2a08e4bb;hb=df703958f849e401d36f2661132c872721c5fcd7;hp=0f2ee4ff8c83d4c6f785996a8658c23974069abb;hpb=f1f031fba5a78f4271613c89de9a4cf63b009ba4;p=project%2Fluci.git diff --git a/applications/luci-openvpn/root/etc/config/openvpn_recipes b/applications/luci-openvpn/root/etc/config/openvpn_recipes index 0f2ee4ff8..50e328af5 100644 --- a/applications/luci-openvpn/root/etc/config/openvpn_recipes +++ b/applications/luci-openvpn/root/etc/config/openvpn_recipes @@ -2,94 +2,106 @@ # Routed point-to-point server # config openvpn_recipe server_tun_ptp - option _description "Simple server configuration for a routed point-to-point VPN" - option _role "server" + option _description "Simple server configuration for a routed point-to-point VPN" + option _role "server" option dev "tun" - option port "1194" - option ifconfig "10.0.0.1 10.0.0.2" - option secret "shared-secret.key" + option ifconfig "10.0.0.1 10.0.0.2" + option secret "shared-secret.key" + option keepalive "10 60" + option comp_lzo "1" + option verb "3" + option mssfix "1420" + option management "127.0.0.1 31194" # # Routed point-to-point client # config openvpn_recipe client_tun_ptp - option _description "Simple client configuration for a routed point-to-point VPN" - option _role "client" + option _description "Simple client configuration for a routed point-to-point VPN" + option _role "client" option dev "tun" - option remote "mypeer.dyndns.org" - option port "1194" - option ifconfig "10.0.0.2 10.0.0.1" - option secret "shared-secret.key" - option nobind "1" - + list remote "vpnserver.example.org" + option ifconfig "10.0.0.2 10.0.0.1" + option secret "shared-secret.key" + option nobind "1" + option comp_lzo "1" + option verb "3" + option management "127.0.0.1 31194" # # Routed multi-client server # config openvpn_recipe server_tun - option _description "Server configuration for a routed multi-client VPN" - option _role "server" + option _description "Server configuration for a routed multi-client VPN" + option _role "server" option dev "tun" - option port "1194" - option server "10.0.100.0 255.255.255.0" + option server "10.0.100.0 255.255.255.0" option ca "ca.crt" - option cert "server.crt" + option cert "server.crt" option key "server.key" option dh "dh1024.pem" - option client_to_client "1" - option keepalive "10 120" - option comp_lzo "1" + option keepalive "10 60" + option comp_lzo "1" + option verb "3" + option mssfix "1420" + option management "127.0.0.1 31194" # # Routed client # config openvpn_recipe client_tun - option _description "Client configuration for a routed multi-client VPN" - option _role "client" - option client "1" - option dev "tun" - option remote "vpnserver.example.org 1194" - option ca "ca.crt" - option cert "my_client.crt" - option key "my_client.key" - option dh "dh1024.pem" - option ns_cert_type "server" - option keepalive "10 120" - option comp_lzo "1" - option nobind "1" - + option _description "Client configuration for a routed multi-client VPN" + option _role "client" + option client "1" + option dev "tun" + list remote "vpnserver.example.org" + option pkcs12 "my_client.p12" + option remote_cert_tls "server" + option comp_lzo "1" + option nobind "1" + option persist_key "1" + option persist_tun "1" + option verb "3" + option reneg_sec "0" + option float "1" + option management "127.0.0.1 31194" # # Multi-client ethernet bridge server # config openvpn_recipe server_tap_bridge - option _description "Server configuration for an ethernet bridge VPN" - option _role "server" + option _description "Server configuration for an ethernet bridge VPN" + option _role "server" option dev "tap" - option port "1194" - option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254" + option server_bridge "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254" option ca "ca.crt" - option cert "server.crt" + option cert "server.crt" option key "server.key" option dh "dh1024.pem" - option client_to_client "1" - option keepalive "10 120" - option comp_lzo "1" + option keepalive "10 60" + option comp_lzo "1" + option verb "3" + option mssfix "1420" + option management "127.0.0.1 31194" # # Ethernet bridge client # config openvpn_recipe client_tap_bridge - option _description "Client configuration for an ethernet bridge VPN" - option _role "client" - option client "1" + option _description "Client configuration for an ethernet bridge VPN" + option _role "client" + option client "1" option dev "tap" - option remote "vpnserver.example.org 1194" + list remote "vpnserver.example.org" option ca "ca.crt" option cert "my_client.crt" option key "my_client.key" option dh "dh1024.pem" - option ns_cert_type "server" - option keepalive "10 120" - option comp_lzo "1" - option nobind "1" + option remote_cert_tls "server" + option comp_lzo "1" + option nobind "1" + option persist_key "1" + option verb "3" + option reneg_sec "0" + option float "1" + option management "127.0.0.1 31194"