@@ -22,72 +22,84 @@ Currently it is intended to be run against the OpenVPN AS Appliance as provided
2222
2323All of this section are passed verbatim through to ` sacli ` .
2424
25- * ` admin_ui_https_ip_address ` -
26- * ` admin_ui_https_port ` -
27- * ` aui_eula_version ` -
28- * ` auth_ldap_0_add_req ` -
25+ * ` admin_ui_https_ip_address ` -
26+ * ` admin_ui_https_port ` -
27+ * ` aui_eula_version ` -
28+ * ` auth_ldap_0_add_req ` -
2929* ` auth_ldap_0_bind_dn ` - Username to connect to (eg: ` administrator@ldap.example.com ` )
3030* ` auth_ldap_0_bind_pw ` - Password to connect with
3131* ` auth_ldap_0_name ` - Friendly name of the LDAP server
3232* ` auth_ldap_0_server_0_host ` - 1st LDAP server hostname
3333* ` auth_ldap_0_server_1_host ` - 2nd LDAP server hostname
3434* ` auth_ldap_0_ssl_verify ` - Should SSL be enabled. Must be one of always', 'never', 'adaptive. Defaults to ` always ` .
35- * ` auth_ldap_0_timeout ` -
35+ * ` auth_ldap_0_timeout ` -
3636* ` auth_ldap_0_uname_attr ` - The Username Attribute. This is often uid for generic LDAP servers and sAMAccountName for Active Directory LDAP servers.
3737* ` auth_ldap_0_use_ssl ` - Should SSL be enabled. Must be one of always', 'never', 'adaptive. Defaults to ` always ` .
3838* ` auth_ldap_0_users_base_dn ` - Search DN (eg: ` cn=Users,dc=ldap,dc=example,dc=com ` )
3939* ` auth_module_type ` - LDAP/Radiu/PAM
40- * ` auth_pam_0_service ` -
41- * ` auth_radius_0_acct_enable ` -
42- * ` auth_radius_0_name ` -
43- * ` cs_admin_only ` -
40+ * ` auth_pam_0_service ` -
41+ * ` auth_radius_0_acct_enable ` -
42+ * ` auth_radius_0_name ` -
43+ * ` auth_saml_0_authncontexts ` -
44+ * ` auth_saml_0_enable ` -
45+ * ` auth_saml_0_forceauthn ` -
46+ * ` auth_saml_0_idp_cert ` -
47+ * ` auth_saml_0_idp_entityid ` -
48+ * ` auth_saml_0_idp_logout_endpoint ` -
49+ * ` auth_saml_0_idp_signon_endpoint ` -
50+ * ` auth_saml_0_requestauthncontext ` -
51+ * ` auth_saml_0_sp_cert ` -
52+ * ` auth_saml_0_sp_hostname ` -
53+ * ` auth_saml_0_sp_key ` -
54+ * ` auth_saml_0_timeout ` -
55+ * ` cs_admin_only ` -
4456* ` cs_ca_bundle ` - The CA Bundle to use for the web server
4557* ` cs_cert ` - The TLS Certificate to use for the web server
46- * ` cs_cws_proto_v2 ` -
47- * ` cs_cws_ui_offer_android ` -
48- * ` cs_cws_ui_offer_autologin ` -
49- * ` cs_cws_ui_offer_ios ` -
50- * ` cs_cws_ui_offer_linux ` -
51- * ` cs_cws_ui_offer_mac ` -
52- * ` cs_cws_ui_offer_server_locked ` -
53- * ` cs_cws_ui_offer_user_locked ` -
54- * ` cs_cws_ui_offer_win ` -
55- * ` cs_https_ip_address ` -
56- * ` cs_https_port ` -
58+ * ` cs_cws_proto_v2 ` -
59+ * ` cs_cws_ui_offer_android ` -
60+ * ` cs_cws_ui_offer_autologin ` -
61+ * ` cs_cws_ui_offer_ios ` -
62+ * ` cs_cws_ui_offer_linux ` -
63+ * ` cs_cws_ui_offer_mac ` -
64+ * ` cs_cws_ui_offer_server_locked ` -
65+ * ` cs_cws_ui_offer_user_locked ` -
66+ * ` cs_cws_ui_offer_win ` -
67+ * ` cs_https_ip_address ` -
68+ * ` cs_https_port ` -
5769* ` cs_priv_key ` - The TLS Private key to use for the web server
58- * ` cs_prof_sign_web ` -
59- * ` host_name ` -
60- * ` sa_initial_run_groups_0 ` -
61- * ` sa_initial_run_groups_1 ` -
62- * ` vpn_client_basic ` -
63- * ` vpn_client_config_text ` -
64- * ` vpn_client_routing_inter_client ` -
65- * ` vpn_client_routing_reroute_dns ` -
66- * ` vpn_client_routing_reroute_gw ` -
67- * ` vpn_daemon_0_client_netmask_bits ` -
68- * ` vpn_daemon_0_client_network ` -
69- * ` vpn_daemon_0_listen_ip_address ` -
70- * ` vpn_daemon_0_listen_port ` -
71- * ` vpn_daemon_0_listen_protocol ` -
72- * ` vpn_daemon_0_server_ip_address ` -
73- * ` vpn_server_config_text ` -
74- * ` vpn_server_daemon_enable ` -
75- * ` vpn_server_daemon_tcp_n_daemons ` -
76- * ` vpn_server_daemon_tcp_port ` -
77- * ` vpn_server_daemon_udp_n_daemons ` -
78- * ` vpn_server_daemon_udp_port ` -
79- * ` vpn_server_google_auth_enable ` -
80- * ` vpn_server_group_pool_0 ` -
81- * ` vpn_server_nat_masquerade ` -
82- * ` vpn_server_port_share_enable ` -
83- * ` vpn_server_port_share_ip_address ` -
84- * ` vpn_server_port_share_port ` -
85- * ` vpn_server_port_share_service ` -
86- * ` vpn_server_routing_private_access ` -
87- * ` vpn_server_routing_private_network_0 ` -
88- * ` vpn_tls_refresh_do_reauth ` -
89- * ` vpn_tls_refresh_interval ` -
90- * ` xmlrpc_relay_level ` -
70+ * ` cs_prof_sign_web ` -
71+ * ` host_name ` -
72+ * ` sa_initial_run_groups_0 ` -
73+ * ` sa_initial_run_groups_1 ` -
74+ * ` vpn_client_basic ` -
75+ * ` vpn_client_config_text ` -
76+ * ` vpn_client_routing_inter_client ` -
77+ * ` vpn_client_routing_reroute_dns ` -
78+ * ` vpn_client_routing_reroute_gw ` -
79+ * ` vpn_daemon_0_client_netmask_bits ` -
80+ * ` vpn_daemon_0_client_network ` -
81+ * ` vpn_daemon_0_listen_ip_address ` -
82+ * ` vpn_daemon_0_listen_port ` -
83+ * ` vpn_daemon_0_listen_protocol ` -
84+ * ` vpn_daemon_0_server_ip_address ` -
85+ * ` vpn_server_config_text ` -
86+ * ` vpn_server_daemon_enable ` -
87+ * ` vpn_server_daemon_tcp_n_daemons ` -
88+ * ` vpn_server_daemon_tcp_port ` -
89+ * ` vpn_server_daemon_udp_n_daemons ` -
90+ * ` vpn_server_daemon_udp_port ` -
91+ * ` vpn_server_google_auth_enable ` -
92+ * ` vpn_server_group_pool_0 ` -
93+ * ` vpn_server_nat_masquerade ` -
94+ * ` vpn_server_port_share_enable ` -
95+ * ` vpn_server_port_share_ip_address ` -
96+ * ` vpn_server_port_share_port ` -
97+ * ` vpn_server_port_share_service ` -
98+ * ` vpn_server_routing_private_access ` -
99+ * ` vpn_server_routing_private_network_0 ` -
100+ * ` vpn_tls_refresh_do_reauth ` -
101+ * ` vpn_tls_refresh_interval ` -
102+ * ` xmlrpc_relay_level ` -
91103- ` vpn_server_dhcp_option_dns_0 ` -
92104- ` vpn_server_dhcp_option_domain ` -
93105
@@ -144,4 +156,4 @@ Robin Kearney <robin@kearney.co.uk>
144156
145157[Ansible Vault]: https://docs.ansible.com/ansible/2.4/vault.html
146158[sacli]: https://docs.openvpn.net/command-line/
147- [OpenVPN Access Server]: https://openvpn.net/vpn-server/
159+ [OpenVPN Access Server]: https://openvpn.net/vpn-server/
0 commit comments