CONFIG OPENVPN UPDATE

Level

vpn,modify,network

History

Appears in 1.0.0
RegisterDNS and BlockOutDNS appear in 3.0.0
udppool appears in 3.2.0
udpBindAddr appears in 3.4.0
Compress and StrictCert appear in 3.8.0
PingExit appears in 4.7.0

Description

Update OpenVPN configuration (in clone file) for openvpn server

Usage

[state=0|1] : openvpn server state
[pool=<network_object>] : IP tcp pool allocated to openvpn clients
[udppool=<network_object>] : IP udp pool allocated to openvpn clients
[udpport=<port>] : public listening udp port for the service
[route=<any|host|network|group_object>] : Networks pushed on openvpn clients
[timeout=<seconds>] : period of data channel renegociation
[serverCertificate=<cert_name>] : certificate of server
[clientCertificate=<cert_name>] : certificate of client
[cipher=<algo>] : specify algorithm to encrypt packets
[tlsCipher=<algo>] : specify algorithm to encrypt packets for tls
[authAlgo=<algo>] : specify algorithm for message digest
[persistIp=0|1] : client IP address persistency
[serverPublicAddr=<ip> or <hostname>] : public address to contact openvpn server
[serverPublicAddrSecondary=<ip> or <hostname>] : secondary public address to contact openvpn server
[port=<port>] : public listening port for the service
[primaryDns=<host_object>] : pushed primary dns on openvpn client
[secondaryDns=<host_object>] : pushed secondary dns on openvpn client
[domainName=<domain name>] : pushed domain name on openvpn client
[ping=<ping timer>] : Interval in seconds between 2 ping requests (max 3599)
[pingrestart=<no response timer>] : Timeout in seconds after which the connection will be restarted if no ping response was received (max 3600)
[RegisterDNS=<on|off>] : On connection initiation, run Windows commands that will force to recognize pushed DNS servers.
[BlockOutDNS=<on|off>] : Block DNS servers on other network adapters to prevent DNS leaks.
[udpBindAddr=(<firewall_ip_object>|"")] : Firewall local IP used to bind the OpenVPN UDP server
[Compress=0|1] : enable/disable LZ4 compression
[StrictCert=0|1] : enable/disable strict server certificate check (type server and name)
[HandWindow=[n]] : configure Handshake Window -- the TLS-based key exchange must finalize within n seconds of handshake initiation by any peer
[Inactive=<seconds>] : Number of seconds without trafic to wait before closing the tunnel (0 to disable; 3600 max)
[PingExit=<seconds>] : Number of seconds without trafic and ping to wait before closing the tunnel (0 to disable; 3600 max)

Returns

Error code