# This configuration file uses the YAML format. # ~ means "no value" (i.e. "default value") # Replace it by a value and put quotes (") around values with special characters # List items start with a dash and a space (- ) # Note that the whitespace before the settings names is important for the file structure listen: 3210 # The port number or ip:port on which to listen for data. peers: # Address of a peer to connect to. # The address should be in the form `addr:port`. # Put [] for an empty list - node2.example.com:3210 - node3.example.com:3210 crypto: # Crypto settings password: ~ # <-- CHANGE # A password to encrypt the VPN data. private-key: ~ # Private key (alternative to password) public-key: ~ # Public key (alternative to password) trusted-keys: [] # Trusted keys (alternative to password) # Replace [] with list of keys ip: ~ # <-- CHANGE # An IP address to set on the device, e.g. 10.0.0.1 # Must be different for every node on the VPN # ------------------ Advanced features ahead -------------------- auto-claim: true # Whether to automatically claim the configured IP on tun devices claims: # The local subnets to use. This parameter should be in the form # `address/prefixlen` where address is an IPv4 address, an IPv6 address, or a # MAC address. The prefix length is the number of significant front bits that # distinguish the subnet from other subnets. # - 10.1.1.0/24 ifup: ~ # Command to setup the interface. Use $IFNAME for interface name. ifdown: ~ # Command to tear down the interface. Use $IFNAME for interface name. device: # Device settings name: "vpncloud%d" # Name of the virtual device. Any `%d` will be filled with a free number. type: tun # Set the type of network. There are two options: **tap** devices process # Ethernet frames **tun** devices process IP packets. [default: `tun`] path: "/dev/net/tun" # Path of the tun device fix-rp-filter: false # Whether to fix detected rp-filter problems mode: normal # Mode to run in, "normal", "hub", "switch", or "router" (see manpage) port-forwarding: true # Try to map a port on the router switch-timeout: 300 # Switch timeout in seconds (switch mode only) peer-timeout: 300 # Peer timeout in seconds keepalive: ~ # Keepalive interval in seconds beacon: # Beacon settings store: ~ # File or command (prefix: "|") to use for storing beacons load: ~ # File or command (prefix: "|") to use for loading beacons interval: 3600 # How often to load and store beacons (in seconds) password: ~ # Password to encrypt beacon data with statsd: # Statsd settings server: ~ # Statsd server name:port prefix: ~ # Prefix to use for stats keys pid-file: ~ # Store the process id in this file when running in the background stats-file: ~ # Periodically write statistics on peers and current traffic to the given file hook: ~ # Hook script to run for every event hooks: {} # Multiple hook scripts to run for specific events # Copy this template and save it to a file named /etc/vpncloud/MYNET.net (replace MYNET with your network name) # # On systems using systemd (most common): # start/stop the network: service vpncloud@MYNET start/stop # enable/disable automatic startup: systemctl enable/disable vpncloud@MYNET # # On older systems (using sysv init): # Add the network name to /etc/default/vpncloud # start/stop all VpnCloud networks: /etc/init.d/vpncloud start/stop