| Zack Williams | becdc0e | 2022-03-26 07:08:25 -0700 | [diff] [blame] | 1 | # openvpn client.conf - {{ ansible_managed }} |
| 2 | {# | ||||
| 3 | SPDX-FileCopyrightText: © 2022 Open Networking Foundation <support@opennetworking.org> | ||||
| 4 | SPDX-License-Identifier: Apache-2.0 | ||||
| 5 | #} | ||||
| 6 | |||||
| 7 | # security | ||||
| 8 | tls-client | ||||
| 9 | tls-version-min 1.3 | ||||
| 10 | cipher AES-256-GCM | ||||
| 11 | auth SHA256 | ||||
| 12 | |||||
| 13 | # connection | ||||
| 14 | dev tun | ||||
| 15 | proto udp | ||||
| 16 | port 1194 | ||||
| 17 | remote {{ openvpn_server_name }} | ||||
| 18 | |||||
| 19 | # security | ||||
| 20 | remote-cert-tls server | ||||
| 21 | auth-nocache | ||||
| 22 | nobind | ||||
| 23 | persist-key | ||||
| 24 | persist-tun | ||||
| 25 | |||||
| 26 | # logging | ||||
| 27 | verb 4 | ||||
| 28 | mute 10 | ||||
| 29 | |||||
| 30 | # IP config | ||||
| 31 | topology subnet | ||||
| 32 | pull | ||||
| 33 | |||||
| 34 | # CA certificates | ||||
| 35 | <ca> | ||||
| 36 | </ca> | ||||
| 37 | |||||
| 38 | # TLS auth | ||||
| 39 | key-direction 1 | ||||
| 40 | <tls-auth> | ||||
| 41 | </tls-auth> | ||||
| 42 | |||||
| 43 | # client key | ||||
| 44 | <key> | ||||
| 45 | </key> | ||||
| 46 | |||||
| 47 | # client cert | ||||
| 48 | <cert> | ||||
| 49 | </cert> | ||||