projects / openwrt / staging / rmilecki.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9565c57) | patch
openvpn: revise sample configuration
authorMagnus Kroken <mkroken@gmail.com>
Mon, 27 Jul 2020 18:34:49 +0000 (20:34 +0200)
committerDaniel Golle <daniel@makrotopia.org>
Sat, 1 Aug 2020 13:54:39 +0000 (14:54 +0100)
commit48a9d99a218c6d83e3337c56b6cc7592e7ad12ae
tree430aa5f401283b243b98f8975a9b309639b89345tree | snapshot
parent9565c5726a34da7c9c953d2293b70fdbfef0e0becommit | diff
openvpn: revise sample configuration

Update the openvpn sample configurations to use modern options in favor
of deprecated ones, suggest more sane default settings and add some
warnings.

* Add tls_crypt and ncp_disable to the sample configuration
* Replace nsCertType with remote_cert_tls in client sample configuration
* Comment out "option compress", compression should not be preferred
* Advise 2048-bit Diffie-Hellman parameters by default
* Add warnings about compression and use of Blowfish (BF-CBC)

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
package/network/services/openvpn/files/openvpn.config diff | blob | history
Rafal Mileckis staging tree