Except for common -stats, -egd, -syslog options client has the following ones:
Expected TUN/TAP interface MTU.
Network protocol to use. Can be either udp (default) or tcp.
Use specified host:port Proxy server for accessing remote server.
Optional user:password for HTTP Basic authorization on proxy server.
Address (host:port
format) of remote server we need to connect to.
TUN/TAP interface name.
Our client’s Verifier.
Path to the file with the passphrase. If omitted, then you will be asked to enter it in the terminal.
Timeout setting in seconds.
Disable reconnection after timeout.
Optional time synchronization requirement. If set to zero, then no synchronization required.
Enable Noise.
Set CPR in KiB/sec.
Enable encryptionless mode.
Optional path to script that will be executed after connection is established. Interface name will be given to it as a first argument.
Same as -up above, but it is executed when connection is lost, when we exit.
Example up-script that calls DHCP client and IPv6 advertisement solicitation:
client$ cat > up.sh <<EOF #!/bin/sh dhclient $GOVPN_IFACE rtsol $GOVPN_IFACE EOF client$ chmod +x up.sh