...
Property | Description |
---|---|
add-default-route (yes | no; Default: no) | Whether to add OVPN remote address as a default route. |
auth (md5 | sha1 | null | sha256 | sha512; Default: sha1) | Allowed authentication methods. |
certificate (string | none; Default: none) | Name of the client certificate |
cipher (null | aes128-cbc | aes128-gcm | aes192-cbc | aes192-gcm | aes256-cbc | aes256-gcm | blowfish128; Default: blowfish128) | Allowed ciphers. In order to use GCM type ciphers, the "auth" parameter must be set to "null", because GCM cipher is also responsible for "auth", if used. |
comment (string; Default: ) | Descriptive name of an item |
connect-to (IP; Default: ) | Remote address of the OVPN server. |
disabled (yes | no; Default: yes) | Whether the interface is disabled or not. By default it is disabled. |
mac-address (MAC; Default: ) | Mac address of OVPN interface. Will be automatically generated if not specified. |
max-mtu (integer; Default: 1500) | Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation. |
mode (ip | ethernet; Default: ip) | Layer3 or layer2 tunnel mode (alternatively tun, tap) |
name (string; Default: ) | Descriptive name of the interface. |
password (string; Default: "") | Password used for authentication. |
port (integer; Default: 1194) | Port to connect to. |
profile (name; Default: default) | Specifies which PPP profile configuration will be used when establishing the tunnel. |
protocol (tcp | udp; Default: tcp) | indicates the protocol to use when connecting with the remote endpoint. |
verify-server-certificate (yes | no; Default: no) | Checks the certificates CN or SAN against the "connect-to" parameter. The IP or hostname must be present in the server's certificate. |
tls-version (any | only-1.2; Default: any) | Specifies which TLS versions to allow |
use-peer-dns (yes | no; Default: no) | Whether to add DNS servers provided by the OVPN server to IP/DNS configuration. |
route-nopull (yes | no; Default: no) | Specifies whether to allow the OVPN server to add routes to the OVPN client instance routing table. |
user (string; Default: ) | User name used for authentication. |
...
Properties
Property | Description |
---|---|
auth (md5 | sha1 | null | sha256 | md5 sha512; Default: sha1,md5,sha256,sha512) | Authentication methods that the server will accept. |
certificate (name | none; Default: none) | Name of the certificate that the OVPN server will use. |
cipher (null | aes128-cbc | aes128-gcm | aes192-cbc | aes192-gcm | aes256-cbc | aes256-gcm | blowfish128; Default: aes128-cbc,blowfish128) | Allowed ciphers. |
default-profile (name; Default: default) | Default profile to use. |
enabled (yes | no; Default: no) | Defines whether the OVPN server is enabled or not. |
protocol (tcp | udp; Default: tcp) | indicates the protocol to use when connecting with the remote endpoint. |
keepalive-timeout (integer | disabled; Default: 60) | Defines the time period (in seconds) after which the router is starting to send keepalive packets every second. If no traffic and no keepalive responses have come for that period of time (i.e. 2 * keepalive-timeout), not responding client is proclaimed disconnected |
mac-address (MAC; Default: ) | Automatically generated MAC address of the server. |
max-mtu (integer; Default: 1500) | Maximum Transmission Unit. Max packet size that the OVPN interface will be able to send without packet fragmentation. |
mode (ip | ethernet; Default: ip) | Layer3 or layer2 tunnel mode (alternatively tun, tap) |
netmask (integer; Default: 24) | Subnet mask to be applied to the client. |
port (integer; Default: 1194) | Port to run the server on. |
require-client-certificate (yes | no; Default: no) | If set to yes, then the server checks whether the client's certificate belongs to the same certificate chain. |
redirect-gateway (def1 | disabled | ipv6; Default: disabled) | Specifies what kind of routes the OVPN client must add to the routing table.
|
enable-tun-ipv6 (yes | no; Default: no) | Specifies if IPv6 IP tunneling mode should be possible with this OVPN server. |
ipv6-prefix-len (integer; Default: 64) | Length of IPv6 prefix for IPv6 address which will be used when generating OVPN interface on the server side. |
tun-server-ipv6 (IPv6 prefix; Default: ::) | IPv6 prefix address which will be used when generating the OVPN interface on the server side. |
...