# # Routed point-to-point server # config openvpn_recipe server_tun_ptp option _description 'Simple server configuration for a routed point-to-point VPN' option _role 'server' option dev 'tun' option ifconfig '10.0.0.1 10.0.0.2' option secret 'shared-secret.key' option keepalive '10 60' option comp_lzo 'yes' option verb '3' option mssfix '1420' # # Routed point-to-point client # config openvpn_recipe client_tun_ptp option _description 'Simple client configuration for a routed point-to-point VPN' option _role 'client' option dev 'tun' list remote 'vpnserver.example.org' option ifconfig '10.0.0.2 10.0.0.1' option secret 'shared-secret.key' option nobind '1' option comp_lzo 'yes' option verb '3' # # Routed multi-client server # config openvpn_recipe server_tun option _description 'Server configuration for a routed multi-client VPN' option _role 'server' option dev 'tun' option server '10.0.100.0 255.255.255.0' option ca 'ca.crt' option cert 'server.crt' option key 'server.key' option dh 'dh1024.pem' option keepalive '10 60' option comp_lzo 'yes' option verb '3' option mssfix '1420' # # Routed client # config openvpn_recipe client_tun option _description 'Client configuration for a routed multi-client VPN' option _role 'client' option client '1' option dev 'tun' list remote 'vpnserver.example.org' option pkcs12 'my_client.p12' option remote_cert_tls 'server' option comp_lzo 'yes' option nobind '1' option persist_key '1' option persist_tun '1' option verb '3' option reneg_sec '0' option float '1' # # Multi-client ethernet bridge server # config openvpn_recipe server_tap_bridge option _description 'Server configuration for an ethernet bridge VPN' option _role 'server' option dev 'tap' option server_bridge '192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254' option ca 'ca.crt' option cert 'server.crt' option key 'server.key' option dh 'dh1024.pem' option keepalive '10 60' option comp_lzo 'yes' option verb '3' option mssfix '1420' # # Ethernet bridge client # config openvpn_recipe client_tap_bridge option _description 'Client configuration for an ethernet bridge VPN' option _role 'client' option client '1' option dev 'tap' list remote 'vpnserver.example.org' option ca 'ca.crt' option cert 'my_client.crt' option key 'my_client.key' option dh 'dh1024.pem' option remote_cert_tls 'server' option comp_lzo 'yes' option nobind '1' option persist_key '1' option verb '3' option reneg_sec '0' option float '1'