Client Config
client
dev tun
dev-node MyTap
proto udp
remote *omitted* 1194
cipher AES-128-CBC
resolv-retry infinite
nobind
persist-key
persist-tun
#ca ca.crt
<ca>
*omitted*
-----END CERTIFICATE-----
</ca>
#cert client1.crt
<cert>
*omitted*
-----BEGIN CERTIFICATE-----
*omitted
-----END CERTIFICATE-----
</cert>
#key client1.key
<key>
-----BEGIN PRIVATE KEY-----
*omitted*
-----END PRIVATE KEY-----
</key>
ns-cert-type server
comp-lzo
verb 3
explicit-exit-notify 2
ping 10
ping-restart 60
register-dns
route-method exe
route-delay 2
dev tun
dev-node MyTap
proto udp
remote *omitted* 1194
cipher AES-128-CBC
resolv-retry infinite
nobind
persist-key
persist-tun
#ca ca.crt
<ca>
*omitted*
-----END CERTIFICATE-----
</ca>
#cert client1.crt
<cert>
*omitted*
-----BEGIN CERTIFICATE-----
*omitted
-----END CERTIFICATE-----
</cert>
#key client1.key
<key>
-----BEGIN PRIVATE KEY-----
*omitted*
-----END PRIVATE KEY-----
</key>
ns-cert-type server
comp-lzo
verb 3
explicit-exit-notify 2
ping 10
ping-restart 60
register-dns
route-method exe
route-delay 2
Server config
#local 192.168.0.100
port 1194 #change to any port you see fit. The client needs to use the same port
proto udp #switch to tcp if you wish to use a tcp connection, the client needs to use the same protocol. udp gives better performance
dev tun
dev-node MyTap #name of your TAP interface.
topology subnet
server 10.8.0.0 255.255.255.0 #This may need modification as dictated by Internet Connection Settings. This is the default for ICS on Windows 7.
client-to-client
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
ifconfig-pool-persist ipp.txt
cipher AES-128-CBC
push "redirect-gateway def1" #tells all Internet traffic to go through the tunnel
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option DNS 208.67.222.222" #OpenDNS servers
push "dhcp-option DNS 208.67.222.220"
keepalive 10 120
comp-lzo #compression for better network performance. Disable if your server isn't powerful enough. Needs to be included in both server and client configs if you use it.
persist-key
persist-tun
status openvpn-status.log
verb 3
port 1194 #change to any port you see fit. The client needs to use the same port
proto udp #switch to tcp if you wish to use a tcp connection, the client needs to use the same protocol. udp gives better performance
dev tun
dev-node MyTap #name of your TAP interface.
topology subnet
server 10.8.0.0 255.255.255.0 #This may need modification as dictated by Internet Connection Settings. This is the default for ICS on Windows 7.
client-to-client
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
ifconfig-pool-persist ipp.txt
cipher AES-128-CBC
push "redirect-gateway def1" #tells all Internet traffic to go through the tunnel
push "route 192.168.0.0 255.255.255.0"
push "dhcp-option DNS 208.67.222.222" #OpenDNS servers
push "dhcp-option DNS 208.67.222.220"
keepalive 10 120
comp-lzo #compression for better network performance. Disable if your server isn't powerful enough. Needs to be included in both server and client configs if you use it.
persist-key
persist-tun
status openvpn-status.log
verb 3