Tripp Lite B092-016

To Next Page

To Previous Page

The Windows client/server conﬁguration ﬁle options are:

Options Description

#description: This is a comment describing the conﬁguration.

Commentlinesstartwitha‘#’andareignoredbyOpenVPN.

Client

server

Specifywhetherthiswillbeaclientorservercongurationle.Intheservercongurationle,

denetheIPaddresspoolandnetmask.Forexample,server10.100.10.0255.255.255.0

proto udp

proto tcp

SettheprotocoltoUDPorTCP.Theclientandservermustusethesamesettings.

mssx<max.size> Mssxsetsthemaximumsizeofthepacket.ThisisonlyusefulforUDPifproblemsoccur.

verb<level> Setlogleverbositylevel.Logverbositylevelcanbesetfrom0(minimum)to15(maximum).

Forexample,

0 = silent except for fatal errors

3=mediumoutput,goodforgeneralusage

5 = helps with debugging connection problems

9=extremelyverbose,excellentfortroubleshooting

dev tun

dev tap

Select‘devtun’tocreatearoutedIPtunnelor‘devtap’tocreateanEthernettunnel.The

client and server must use the same settings.

remote<host> Thehostname/IPofOpenVPNserverwhenoperatingasaclient.EntereithertheDNS

hostname or the static IP address of the server.

Port TheUDP/TCPportoftheserver.

Keepalive KeepaliveusespingtokeeptheOpenVPNsessionalive.'Keepalive10120'pingsevery10

seconds and assumes the remote peer is down if no ping has been received over a 120

second time period.

http-proxy<proxyserver>

<proxyport#>

Ifaproxyisrequiredtoaccesstheserver,entertheproxyserverDNSnameorIPandport

number.

ca<lename> Enter the CA certiﬁcate ﬁle name and location. The same CA certiﬁcate ﬁle can be used by the

server and all clients.

Note:Ensureeach‘\’inthedirectorypathisreplacedwith‘\\’.Forexample,c:\openvpnkeys\

ca.crtwillbecomec:\\openvpnkeys\\ca.crt

cert<lename> Entertheclient’sorservers’scerticatelenameandlocation.Eachclientshouldhaveits

owncerticateandkeyles.Note:Ensureeach‘\’inthedirectorypathisreplacedwith‘\\’.

key<lename> Enterthelenameandlocationoftheclient’sorserver’skey.Eachclientshouldhaveitsown

certiﬁcate and key ﬁles.

Note:Ensureeach‘\’inthedirectorypathisreplacedwith‘\\’.

dh<lename> This is used by the server only.

EnterthepathtothekeywiththeDife-Hellmanparameters.

Nobind ‘Nobind’isusedwhenclientsdonotneedtobindtoalocaladdressorspeciclocalport

number. This is the case in most client conﬁgurations.

persist-key This option prevents the reloading of keys across restarts.

persist-tun ThisoptionpreventsthecloseandreopenofTUN/TAPdevicesacrossrestarts.

cipherBF-CBCBlowsh

(default)

cipherAES-128-CBCAES

cipherDES-EDE3-CBC

Triple-DES

Select a cryptographic cipher. The client and server must use the same settings.

comp-lzo EnablecompressionontheOpenVPNlink.Thismustbeenabledonboththeclientandthe

server.

syslog Bydefault,logsarelocatedinsyslogor,ifrunningasaserviceonWindow,in\ProgramFiles\

OpenVPN\logdirectory.

Chapter 4: Serial Port, Device and User Conﬁguration

Main Page

Tripp Lite B092-016 - Page 63

Table of Contents

Other manuals for Tripp Lite B092-016

Related product manuals