Merge pull request #948 from CDCgov/story-786-prd_vpn

CDCgov · Mar 13, 2024 · 930db10 · 930db10
2 parents 04c5e09 + c8b2a12
commit 930db10
Showing 1 changed file with 48 additions and 0 deletions.
diff --git a/operations/vpn/prd.ovpn b/operations/vpn/prd.ovpn
@@ -0,0 +1,48 @@
+client
+remote azuregateway-e4980077-1f89-4358-8a0e-3b4196153cd7-46251161d08a.vpn.azure.com 443
+verify-x509-name e4980077-1f89-4358-8a0e-3b4196153cd7.vpn.azure.com name
+remote-cert-tls server
+
+dev tun
+proto tcp
+resolv-retry infinite
+nobind
+
+auth SHA256
+cipher AES-256-GCM
+persist-key
+persist-tun
+
+tls-timeout 30
+tls-version-min 1.2
+key-direction 1
+
+dhcp-option DNS 172.17.71.100
+dhcp-option DOMAIN azure.net
+dhcp-option DOMAIN azure.com
+dhcp-option DOMAIN azurewebsites.net
+dhcp-option DOMAIN windows.net
+
+verb 3
+
+# P2S CA root certificate
+ca ca.crt
+
+# Pre Shared Key
+tls-auth tls.key
+
+# P2S client certificate
+# Please fill this field with a PEM formatted client certificate
+# Alternatively, configure 'cert PATH_TO_CLIENT_CERT' to use input from a PEM certificate file.
+cert user.crt
+
+# P2S client certificate private key
+# Please fill this field with a PEM formatted private key of the client certificate.
+# Alternatively, configure 'key PATH_TO_CLIENT_KEY' to use input from a PEM key file.
+key user.key
+
+# DNS
+script-security 2
+up /etc/openvpn/update-systemd-resolved
+down /etc/openvpn/update-systemd-resolved
+down-pre