1# 2# Sample OpenVPN configuration file for 3# home using SSL/TLS mode and RSA certificates/keys. 4# 5# '#' or ';' may be used to delimit comments. 6 7# Use a dynamic tun device. 8# For Linux 2.2 or non-Linux OSes, 9# you may want to use an explicit 10# unit number such as "tun1". 11# OpenVPN also supports virtual 12# ethernet "tap" devices. 13dev tun 14 15# Our OpenVPN peer is the office gateway. 16remote 1.2.3.4 17 18# 10.1.0.2 is our local VPN endpoint (home). 19# 10.1.0.1 is our remote VPN endpoint (office). 20ifconfig 10.1.0.2 10.1.0.1 21 22# Our up script will establish routes 23# once the VPN is alive. 24up ./home.up 25 26# In SSL/TLS key exchange, Office will 27# assume server role and Home 28# will assume client role. 29tls-client 30 31# Certificate Authority file 32ca my-ca.crt 33 34# Our certificate/public key 35cert home.crt 36 37# Our private key 38key home.key 39 40# OpenVPN 2.0 uses UDP port 1194 by default 41# (official port assignment by iana.org 11/04). 42# OpenVPN 1.x uses UDP port 5000 by default. 43# Each OpenVPN tunnel must use 44# a different port number. 45# lport or rport can be used 46# to denote different ports 47# for local and remote. 48; port 1194 49 50# Downgrade UID and GID to 51# "nobody" after initialization 52# for extra security. 53; user nobody 54; group nobody 55 56# If you built OpenVPN with 57# LZO compression, uncomment 58# out the following line. 59; comp-lzo 60 61# Send a UDP ping to remote once 62# every 15 seconds to keep 63# stateful firewall connection 64# alive. Uncomment this 65# out if you are using a stateful 66# firewall. 67; ping 15 68 69# Uncomment this section for a more reliable detection when a system 70# loses its connection. For example, dial-ups or laptops that 71# travel to other locations. 72; ping 15 73; ping-restart 45 74; ping-timer-rem 75; persist-tun 76; persist-key 77 78# Verbosity level. 79# 0 -- quiet except for fatal errors. 80# 1 -- mostly quiet, but display non-fatal network errors. 81# 3 -- medium output, good for normal operation. 82# 9 -- verbose, good for troubleshooting 83verb 3 84