...
Property | Description |
---|---|
auth (sha1 | md5; Default: sha1,md5) | Authentication methods that the server will accept. |
certificate (name | none; Default: none) | Name of the certificate that the OVPN server will use. |
cipher (aes128 | aes192 | aes256 | blowfish128; Default: aes128,blowfish128) | Allowed ciphers. |
default-profile (name; Default: default) | Default profile to use. |
enabled (yes | no; Default: no) | Defines whether the OVPN server is enabled or not. |
keepalive-timeout (integer | disabled; Default: 60) | Defines the time period (in seconds) after which the router is starting to send keepalive packets every second. If no traffic and no keepalive responses has came have come for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected |
mac-address (MAC; Default: ) | Auto Generated Automatically generated MAC address of the server. |
max-mtu (integer; Default: 1500) | Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation. |
mode (ip | ethernet; Default: ip) | Layer3 or layer2 tunnel mode (alternatively tun, tap) |
netmask (integer; Default: 24) | Subnet mask to be applied to the client. |
port (integer; Default: 1194) | Port to run the server on. |
require-client-certificate (yes | no; Default: no) | If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain. |
redirect-gateway (def1 / disabled / ipv6, Default: disabled) | Specifies what kind of routes the OVPN client must add to the routing table.
|
Warning |
---|
It is very important that the date on the router is within the range of the installed certificate's date of expiration. To overcome any certificate verification problems, enable NTP date synchronization on both the server and client. |
Example
...