Pi-Hole/docs
1
0
Fork 0
mirror of https://github.com/pi-hole/docs.git synced 2026-02-15 07:26:03 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2d52a6ddfc48d67d613b20ee52d6ca17041ade31
docs/docs/guides/vpn/openvpn/client.ovpn
Adam Warner 2d52a6ddfc Fix some spellings, ignore others. 
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2022-04-22 17:32:44 +01:00

86 lines
2.4 KiB
Plaintext
Raw Blame History

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to Pi-hole OpenVPN server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
##############################################
# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client
dev tun
# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
dev tun
proto udp
;proto tcp
# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote <<<<<my.ip.address.here>>>> 1194
# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to
# a specific local port number.
nobind
# Try to preserve some state across restarts.
persist-key
persist-tun
# SSL/TLS params.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca /home/dl6er/openvpn/ca.crt
cert /home/dl6er/openvpn/client.crt
key /home/dl6er/openvpn/client.key
# Verify server certificate by checking that the
# certificate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# https://openvpn.net/howto.html#mitm
remote-cert-tls server
# If a tls-auth key is used on the server
# then every client must also have the key.
tls-auth /home/dl6er/openvpn/ta.key 1
# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
cipher AES-256-CBC
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
# Call script that updates DNS settings are
# pushed by the OpenVPN server. It updates your
# /etc/resolv.conf with DNS settings that come
# from the received push dhcp-options. Since
# network management is out of OpenVPN client
# scope, this script adds and removes the
# provided from those settings.
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
Reference in New Issue View Git Blame Copy Permalink