Simon,

The configuration was more or less the same, just different port
numbers. Here they are for documentation purposes. Again, the only
differences are the protocol, and the IP pools.

UDP Config:
port 1618
proto udp
dev tun
ca /etc/openvpn/openvpnudp-files/ca.crt
cert /etc/openvpn/openvpnudp-files/server.crt
key /etc/openvpn/openvpnudp-files/server.key
dh /etc/openvpn/openvpnudp-files/dh3072.pem
push "redirect-gateway def1 bypass-dhcp"
server 10.255.248.0 255.255.254.0
remote-cert-eku "TLS Web Client Authentication"
ifconfig-pool-persist /etc/openvpn/openvpnudp-files/ipp.txt
keepalive 10 120
comp-lzo yes
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 5
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
plugin /usr/lib/openvpn/openvpn-auth-ldap.so 
"/etc/openvpn/openvpnudp-files/auth-ldap.conf"
username-as-common-name
cipher AES-256-CBC
topology subnet
log-append /var/log/openvpn.log
tls-auth /etc/openvpn/openvpnudp-files/tls.key 0
key-direction 0
tls-version-min 1.2
auth SHA512
tls-cipher 
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
crl-verify /etc/openvpn/openvpnudp-files/crl.pem

TCP Config:
port 1618
proto tcp
dev tun
ca /etc/openvpn/openvpntcp-files/ca.crt
cert /etc/openvpn/openvpntcp-files/server.crt
key /etc/openvpn/openvpntcp-files/server.key
dh /etc/openvpn/openvpntcp-files/dh3072.pem
push "redirect-gateway def1 bypass-dhcp"
server 10.255.250.0 255.255.254.0
remote-cert-eku "TLS Web Client Authentication"
ifconfig-pool-persist /etc/openvpn/openvpntcp-files/ipp.txt
keepalive 10 120
comp-lzo yes
persist-key
persist-tun
status /var/log/openvpn-status.log
verb 5
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
plugin /usr/lib/openvpn/openvpn-auth-ldap.so 
"/etc/openvpn/openvpntcp-files/auth-ldap.conf"
username-as-common-name
cipher AES-256-CBC
topology subnet
log-append /var/log/openvpn.log
tls-auth /etc/openvpn/openvpntcp-files/tls.key 0
key-direction 0
tls-version-min 1.2
auth SHA512
tls-cipher 
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256:TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
crl-verify /etc/openvpn/openvpntcp-files/crl.pem

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1580356

Title:
  OpenVPN causes reboot failure on Xenial in AWS

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1580356/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to