############################# ## Main options # ############################# role client ## Client ID ## (has to be unique for each client) mux 2 ## device type tun = ip/ipv6, tap = ethernet type tun ## payload encryption algorithm #cipher null #cipher aes-ctr-128 #cipher aes-ctr-192 #cipher aes-ctr-256 cipher aes-ctr ## message authentication algorithm #auth-algo null auth-algo sha1 ##message auth tag length #auth-tag-length 10 ## Passphrase ## this is used to generate the crypto-key and salt ## this should be al least 30 characters passphrase Creating_VPN_Tunnels_With_Anytun_Is_Easy ## The remote host and port remote-host example.com remote-port 4444 ############################# ## Debug options # ############################# ## don't run in background #nodaemonize ## additional log to standard output with a level of 5 #log stdout:5 ############################# ## Expert options # ############################# ## log to syslog with a level of 3 log syslog:3,uanytun-client2,daemon ## change user and group after init #username uanytun #groupname uanytun ## chroot to users home directory #chroot /var/run/uanytun ## key derivation pseudo random function #kd-prf null #kd-prf aes-ctr #kd-prf aes-ctr-128 #kd-prf aes-ctr-192 #kd-prf aes-ctr-256 ## local ip address to bind to (for tunnel data) ## (if you run an anycast cluster this has to be the anycast ip address) #interface ## local port to bind to (for tunnel data) ## make sure to use a different port for every server and client! port 4444 ## Device name #dev uanytun0 ## Automaticaly configure the interface ## ## We highly recommend the use of the post up script to do this ## ## the address hast to be supplied in CIDR notation #ifconfig / ## Manually set encryption key and salt ## (this replaces the passphrase) #key 2123456789ABCDEF0123456789ABCDEF #salt 2123456789ABCD0123456789ABCD ## Setting a window size > 0 will enable replay protection ## This most likely will only work with external rekeying #window-size 0