mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-09 08:16:58 +08:00
33 lines
626 B
INI
33 lines
626 B
INI
global
|
|
#user haproxy
|
|
#group haproxy
|
|
#daemon
|
|
|
|
# Default SSL material locations
|
|
#ca-base /etc/ssl/certs
|
|
#crt-base /etc/ssl/private
|
|
|
|
ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
|
|
|
|
|
|
defaults
|
|
log global
|
|
mode http
|
|
option dontlognull
|
|
timeout connect 5000
|
|
timeout client 50000
|
|
timeout server 50000
|
|
|
|
frontend ssl
|
|
mode tcp
|
|
bind *:@HAPORT@
|
|
tcp-request inspect-delay 5s
|
|
tcp-request content accept if { req.ssl_hello_type 1 }
|
|
|
|
use_backend ocserv
|
|
|
|
backend ocserv
|
|
mode tcp
|
|
option ssl-hello-chk
|
|
server server-vpn @ADDRESS@:@PORT@ send-proxy-v2
|