NCM::Component::metaconfig::openvpn - schema¶
Types¶
- /software/components/metaconfig/config_openvpn_all
Description: All options shared between client and server.
- /software/components/metaconfig/config_openvpn_all/ca
Description: Certificate authority (CA) file in .pem format.
Required
Type: absolute_file_path
- /software/components/metaconfig/config_openvpn_all/cd
Description: Change directory to dir prior to reading any files such as configuration files.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_all/cert
Description: Local peer’s signed certificate in .pem format.
Required
Type: absolute_file_path
- /software/components/metaconfig/config_openvpn_all/cipher
Description: Encrypt data channel packets with cipher algorithm alg.
Required
Type: string
Default value: AES-256-CBC
- /software/components/metaconfig/config_openvpn_all/compress
Description: Enable a compression algorithm.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_all/comp-lzo
Description: Use LZO compression, deprecated since 2.4.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_all/comp-noadapt
Description: this option will disable OpenVPN’s adaptive compression algorithm.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_all/daemon
Description: Become a daemon after all initialization functions are completed.
Required
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_all/dev
Description: TUN/TAP virtual network device.
Required
Type: string
- /software/components/metaconfig/config_openvpn_all/group
Description: this option changes the group ID of the OpenVPN process to group after initialization.
Required
Type: string
Default value: nobody
- /software/components/metaconfig/config_openvpn_all/ifconfig
Description: Set TUN/TAP adapter parameters.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_all/key
Description: Local peer’s private key in .pem format.
Required
Type: absolute_file_path
- /software/components/metaconfig/config_openvpn_all/nobind
Description: Do not bind to local address and port.
Required
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_all/persist-key
Description: Don’t re-read key files across SIGUSR1 or –ping-restart.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_all/persist-tun
Description: Don’t close and reopen TUN/TAP device or run up/down scripts across SIGUSR1 or –ping-restart.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_all/port
Description: TCP/UDP port number or port name for both local and remote.
Required
Type: type_port
Default value: 1194
- /software/components/metaconfig/config_openvpn_all/proto
Description: Use protocol p for communicating with remote host.
Required
Type: string
- /software/components/metaconfig/config_openvpn_all/tls-auth
Description: Add an additional layer of HMAC authentication on top of the TLS control channel.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_all/tun-mtu
Description: Take the TUN device MTU to be n and derive the link MTU from it.
Required
Type: long
Default value: 1500
- /software/components/metaconfig/config_openvpn_all/user
Description: Change the user ID of the OpenVPN process to user after initialization.
Required
Type: string
Default value: nobody
- /software/components/metaconfig/config_openvpn_all/verb
Description: Set output verbosity
Optional
Type: long
Range: 0..11
- /software/components/metaconfig/config_openvpn_server
Description: All options only available to a server.
- /software/components/metaconfig/config_openvpn_server/ccd-exclusive
Description: Require, as a condition of authentication, that a connecting client has a client-config-dir file.
Optional
Type: boolean
- /software/components/metaconfig/config_openvpn_server/client-config-dir
Description: Specify a directory dir for custom client config files.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/client-connect
Description: Run command cmd on client connection.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/client-disconnect
Description: Run command cmd on client disconnection.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/client-to-client
Description: Tells OpenVPN to internally route client-to-client traffic.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_server/crl-verify
Description: Check peer certificate against the file crl in PEM format.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/dh
Description: File containing Diffie Hellman parameters in .pem format.
Optional
Type: absolute_file_path
- /software/components/metaconfig/config_openvpn_server/duplicate-cn
Description: Allow multiple clients with the same common name to concurrently connect.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_server/ifconfig-pool
Description: Set aside a pool of subnets to be dynamically allocated to connecting clients.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/ifconfig-pool-linear
Description: Modifies the –ifconfig-pool directive to allocate individual TUN interface addresses for clients.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_server/ifconfig-pool-persist
Description: Persist/unpersist ifconfig-pool data to file.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/keepalive
Description: define keepalive interval and timeout.
Required
Type: long
- /software/components/metaconfig/config_openvpn_server/local
Description: Local host name or IP address for bind.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/log-append
Description: Append logging messages to file.
Optional
Type: absolute_file_path
- /software/components/metaconfig/config_openvpn_server/management
Description: Enable a TCP server on IP:port to handle daemon management functions.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/max-clients
Description: Limit server to a maximum of n concurrent clients.
Optional
Type: long
- /software/components/metaconfig/config_openvpn_server/passtos
Description: Set the TOS field of the tunnel packet to what the payload’s TOS is.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_server/push
Description: Push a config file option back to the client for remote execution.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/script-security
Description: This directive offers policy-level control over OpenVPN’s usage of external programs and scripts.
Optional
Type: long
Range: 0..3
- /software/components/metaconfig/config_openvpn_server/server
Description: A helper directive designed to simplify the configuration of OpenVPN’s server mode.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/server-bridge
Description: A helper directive to simplify the config of OpenVPN’s server in eth bridging configurations.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/tcp-queue-limit
Description: Maximum number of output packets queued before TCP.
Optional
Type: long
- /software/components/metaconfig/config_openvpn_server/tls-server
Description: Enable TLS and assume server role during TLS handshake.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_server/tls-verify
Description: Run command cmd to verify the X509 name of a pending TLS connection.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/topology
Description: Configure virtual addressing topology when running in –dev tun mode.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_server/up
Description: Run command cmd after successful TUN/TAP device open.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_client
Description: All options only available to a client.
- /software/components/metaconfig/config_openvpn_client/client
Description: A helper directive designed to simplify the configuration of OpenVPN’s client mode.
Required
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_client/max-routes
Description: Maximum rumber of routes.
Optional
Type: long
Range: 0..
- /software/components/metaconfig/config_openvpn_client/remote-cert-tls
Description: Require that peer certificate was signed with an explicit key usage and extended key usage.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_client/remote
Description: Remote host name or IP address.
Required
Type: string
- /software/components/metaconfig/config_openvpn_client/remote-random
Description: When multiple –remote address are specified, initially randomize the order of the list.
Optional
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_client/resolv-retry
Description: If hostname resolve fails for –remote, retry resolve before failing.
Optional
Type: string
- /software/components/metaconfig/config_openvpn_client/tls-client
Description: Enable TLS and assume client role during TLS handshake.
Required
Type: boolean
Default value: false
- /software/components/metaconfig/config_openvpn_client/tls-exit
Description: Exit on TLS negotiation failure.
Optional
Type: boolean
Default value: false
