37 lines
778 B
Python
37 lines
778 B
Python
# -*- coding: utf-8; mode: python -*-
|
|
|
|
include("ip")
|
|
|
|
header("Configuration du tunnel entre %s et %s" % (hostname, remote))
|
|
|
|
_out("""
|
|
daemon tun-%(remote_name)s
|
|
dev tun-%(remote_name)s
|
|
|
|
tls-client
|
|
ca /etc/ssl/certs/cacert.org.pem
|
|
cert /etc/ssl/certs/vpn.pem
|
|
tls-verify "/usr/scripts/utils/verify-cn /etc/openvpn/allowed_clients"
|
|
key /etc/ssl/private/vpn.pem
|
|
|
|
log-append /var/log/openvpn/%(remote_name)s.log
|
|
|
|
port 1194
|
|
fragment 1400
|
|
|
|
ifconfig %(local_vpn_ip)s %(remote_vpn_ip)s
|
|
route 10.231.136.0 255.255.255.0 vpn_gateway
|
|
|
|
ping 15
|
|
ping-exit 45
|
|
|
|
script-security 2
|
|
verb 3
|
|
|
|
dh /etc/openvpn/dh1024.pem
|
|
|
|
remote %(remote_pub_ip)s
|
|
""" % { "remote_name": remote,
|
|
"local_vpn_ip": admip(),
|
|
"remote_vpn_ip": admipof(remote_vpn),
|
|
"remote_pub_ip": pubipof(remote) })
|