# # Routed point-to-point server # config openvpn_recipe b_server_tun_ptp option _description "Basic point-to-point TUN VPN Server" option _role "server" option dev "tun-server" option ifconfig "10.0.0.1 10.0.0.2" option secret "shared-secret.key" option keepalive "10 60" option comp_lzo "yes" option verb "3" option mssfix "1420" option topology "p2p" # # Routed point-to-point client # config openvpn_recipe b_client_tun_ptp option _description "Basic point-to-point TUN VPN Client" option _role "client" option client "1" option dev "tun0" list remote "vpnserver.example.org" option ifconfig "10.0.0.2 10.0.0.1" option secret "shared-secret.key" option nobind "1" option comp_lzo "yes" option verb "3" # # Routed multi-client server # config openvpn_recipe a_server_tun option _description "Basic TUN VPN Server" option _role "server" option dev "tun-server" option topology "subnet" option port "1194" option proto "udp" option server "10.0.100.0 255.255.255.0" option ca "/etc/openvpn/placeholder/placeholder.file" option cert "/etc/openvpn/placeholder/placeholder.file" option key "/etc/openvpn/placeholder/placeholder.file" option dh "/etc/openvpn/placeholder/placeholder.file" option keepalive "10 60" option comp_lzo "yes" option verb "3" option mssfix "1420" # # Routed client # config openvpn_recipe a_client_tun option _description "Basic TUN VPN Client" option _role "client" option client "1" option dev "tun0" option proto "udp" list remote "vpnserver.example.org" option remote_cert_tls "server" option comp_lzo "yes" option nobind "1" option persist_key "1" option persist_tun "1" option verb "3" option reneg_sec "0" option float "1" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option ca "/etc/openvpn/placeholder/placeholder.file" option cert "/etc/openvpn/placeholder/placeholder.file" option key "/etc/openvpn/placeholder/placeholder.file" # # Multi-client ethernet bridge server # config openvpn_recipe c_server_tap_bridge option _description "Basic Server-Bridge TAP VPN Server" option _role "server" option dev "tap-server" option port "1194" option server_bridge "192.168.100.1 255.255.255.0 192.168.100.128 192.168.100.254" option ca "/etc/openvpn/placeholder/placeholder.file" option cert "/etc/openvpn/placeholder/placeholder.file" option key "/etc/openvpn/placeholder/placeholder.file" option dh "/etc/openvpn/placeholder/placeholder.file" option keepalive "10 60" option comp_lzo "yes" option verb "3" option mssfix "1420" # # Ethernet bridge client # config openvpn_recipe c_client_tap_bridge option _description "Basic Server-Bridge TAP VPN Client" option _role "client" option client "1" option dev "tap0" list remote "vpnserver.example.org" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option ca "/etc/openvpn/placeholder/placeholder.file" option cert "/etc/openvpn/placeholder/placeholder.file" option key "/etc/openvpn/placeholder/placeholder.file" option remote_cert_tls "server" option comp_lzo "yes" option nobind "1" option persist_key "1" option verb "3" option reneg_sec "0" option float "1" # # OVPN Client # config openvpn_recipe d_ovpn_client option _description "Client using OVPN File" option _role "client" option config "/etc/openvpn/placeholder/placeholder.file" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" # # NordVpn # config openvpn_recipe e_nordvpn_client_tun option _description "Predefined Client for NordVPN" option _role "client" option config "/etc/openvpn/placeholder/placeholder.file" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" # # Private Internet Access Client # config openvpn_recipe e_pia_client_tun option _description "Predefined Client for Private Internet Access" option _role "client" option client "1" option dev "tun0" option proto "udp" list remote "us-example.privateinternetaccess.com" option port "1198" option resolv_retry "infinite" option nobind "1" option persist_key "1" option persist_tun "1" option cipher "aes-128-cbc" option auth "sha1" option tls_client "1" option remote_cert_tls "server" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option comp_lzo "yes" option verb "1" option reneg_sec "0" option crl_verify "/etc/openvpn/pia/crl.rsa.2048.pem" option ca "/etc/openvpn/pia/ca.rsa.2048.crt" option disable_occ "1" # # Windscribe # config openvpn_recipe e_windscribe_client_tun option _description "Predefined Client for Windscribe" option _role "client" option client "1" option dev "tun0" option proto "udp" list remote "example.windscribe.com" option port "443" option resolv_retry "infinite" option nobind "1" option persist_key "1" option persist_tun "1" option cipher "aes-256-cbc" option auth "sha512" option tls_client "1" option remote_cert_tls "server" option key_direction "1" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option comp_lzo "yes" option verb "2" option reneg_sec "432000" option tls_auth "/etc/openvpn/windscribe/ta.key" option ca "/etc/openvpn/windscribe/ca.crt" option redirect_gateway "def1" # # ProtonVPN # config openvpn_recipe e_proton_client_tun option _description "Predefined Client for ProtonVPN" option _role "client" option client "1" option dev "tun0" option proto "udp" list remote "example.protonvpn.com" option port "1194" option resolv_retry "infinite" option nobind "1" option persist_key "1" option persist_tun "1" option cipher "aes-256-cbc" option auth "sha512" option tls_client "1" option remote_cert_tls "server" option key_direction "1" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option comp_lzo "yes" option verb "3" option reneg_sec "0" option tls_auth "/etc/openvpn/placeholder/placeholder.file" option ca "/etc/openvpn/placeholder/placeholder.file" option redirect_gateway "def1" # # Mullvad # config openvpn_recipe e_mullvad_client_tun option _description "Predefined Client for Mullvad" option _role "client" option client "1" option dev "tun0" option proto "udp" list remote "example.mullvad.net" option port "1194" option resolv_retry "infinite" option nobind "1" option persist_key "1" option persist_tun "1" option cipher "aes-256-cbc" option tls_client "1" option remote_cert_tls "server" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option comp_lzo "yes" option verb "3" option ca "/etc/openvpn/mullvad/mullvad_ca.crt" option crl_verify "/etc/openvpn/mullvad/mullvad_crl.pem" option redirect_gateway "def1" # # AirVPN # config openvpn_recipe e_airvpn_client_tun option _description "Predefined Client for AirVPN" option _role "client" option client "1" option dev "tun0" option proto "udp" list remote "example.vpn.airdns.org" option port "443" option resolv_retry "infinite" option nobind "1" option persist_key "1" option persist_tun "1" option cipher "aes-256-cbc" option route_delay "5" option explicit_exit_notify "5" option tls_client "1" option remote_cert_tls "server" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option comp_lzo "no" option verb "3" option key_direction "1" option ca "/etc/openvpn/airvpn/ca.crt" option cert "/etc/openvpn/airvpn/client.crt" option key "/etc/openvpn/airvpn/client.key" option tls_auth "/etc/openvpn/airvpn/ta.key" # # Tunnelbear # config openvpn_recipe e_tunnelbear_client_tun option _description "Predefined Client for Tunnelbear" option _role "client" option dev "tun0" option proto "udp" option port "443" option client "1" option nobind "1" option persist_key "1" option persist_tun "1" option remote_cert_tls "server" option reneg_sec "0" option verb "1" option comp_lzo "yes" option auth_user_pass "/etc/openvpn/placeholder/placeholder.file" option ca "/etc/openvpn/placeholder/placeholder.file" option cert "/etc/openvpn/placeholder/placeholder.file" option key "/etc/openvpn/placeholder/placeholder.file" option remote "example.tunnelbear-ios.com" option auth "SHA256" option keysize "256" option keep_alive "10 30" option redirect_gateway "def1"