77 lines
1.6 KiB
Plaintext
77 lines
1.6 KiB
Plaintext
# Notice to Mullvad customers:
|
|
#
|
|
# For those of you behind very restrictive firewalls,
|
|
# you can use our tunnels on tcp port 443, as well as
|
|
# on udp port 53.
|
|
client
|
|
|
|
dev tun
|
|
|
|
proto udp
|
|
#proto udp
|
|
#proto tcp
|
|
|
|
remote nl.mullvad.net 1300
|
|
cipher AES-256-CBC
|
|
|
|
#remote openvpn.mullvad.net 443
|
|
#cipher BF-CBC
|
|
|
|
#remote openvpn.mullvad.net 53
|
|
#cipher BF-CBC
|
|
|
|
#remote se.mullvad.net 1300 # Servers in Sweden
|
|
#cipher AES-256-CBC
|
|
|
|
#remote nl.mullvad.net 1300 # Servers in the Netherlands
|
|
#cipher AES-256-CBC
|
|
|
|
#remote de.mullvad.net 1300 # Servers in Germany
|
|
#cipher AES-256-CBC
|
|
|
|
#remote us.mullvad.net 1300 # Servers in the USA
|
|
#cipher AES-256-CBC
|
|
|
|
# Tunnel IPv6 traffic as well as IPv4
|
|
#tun-ipv6
|
|
|
|
# Keep trying indefinitely to resolve the
|
|
# host name of the OpenVPN server. Very useful
|
|
# on machines which are not permanently connected
|
|
# to the internet such as laptops.
|
|
resolv-retry infinite
|
|
|
|
# Most clients don't need to bind to
|
|
# a specific local port number.
|
|
nobind
|
|
|
|
# Try to preserve some state across restarts.
|
|
persist-key
|
|
persist-tun
|
|
|
|
# Enable compression on the VPN link.
|
|
# Don't enable this unless it is also
|
|
# enabled in the server config file.
|
|
comp-lzo
|
|
|
|
# Set log file verbosity.
|
|
verb 3
|
|
|
|
remote-cert-tls server
|
|
|
|
ping-restart 60
|
|
|
|
# Daemonize
|
|
service mullvadopenvpn
|
|
|
|
ping 10
|
|
|
|
ca ca.crt
|
|
cert mullvad.crt
|
|
key mullvad.key
|
|
|
|
crl-verify crl.pem
|
|
|
|
# Limit range of possible TLS cipher-suites
|
|
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA:TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA:TLS-DHE-RSA-WITH-SEED-CBC-SHA:TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
|