1 ##############################################
2 # Sample client-side OpenVPN 2.0 config file #
3 # for connecting to multi-client server. #
5 # This configuration can be used by multiple #
6 # clients, however each client should have #
7 # its own cert and key files. #
9 # On Windows, you might want to rename this #
10 # file so it has a .ovpn extension #
11 ##############################################
13 # Specify that we are a client and that we
14 # will be pulling certain config file directives
18 # Use the same setting as you are using on
20 # On most systems, the VPN will not function
21 # unless you partially or fully disable
22 # the firewall for the TUN/TAP interface.
26 # Windows needs the TAP-Win32 adapter name
27 # from the Network Connections panel
28 # if you have more than one. On XP SP2,
29 # you may need to disable the firewall
30 # for the TAP adapter.
33 # Are we connecting to a TCP or
34 # UDP server? Use the same setting as
39 # The hostname/IP and port of the server.
40 # You can have multiple remote entries
41 # to load balance between the servers.
42 remote my-server-1 1194
43 ;remote my-server-2 1194
45 # Choose a random host from the remote
46 # list for load-balancing. Otherwise
47 # try hosts in the order specified.
50 # Keep trying indefinitely to resolve the
51 # host name of the OpenVPN server. Very useful
52 # on machines which are not permanently connected
53 # to the internet such as laptops.
56 # Most clients don't need to bind to
57 # a specific local port number.
60 # Downgrade privileges after initialization (non-Windows only)
64 # Try to preserve some state across restarts.
67 # If you are connecting through an
68 # HTTP proxy to reach the actual OpenVPN
69 # server, put the proxy server/IP and
70 # port number here. See the man page
71 # if your proxy server requires
73 ;http-proxy-retry # retry on connection failures
74 ;http-proxy [proxy server] [proxy port #]
76 # Wireless networks often produce a lot
77 # of duplicate packets. Set this flag
78 # to silence duplicate packet warnings.
82 # See the server config file for more
83 # description. It's best to use
84 # a separate .crt/.key file pair
85 # for each client. A single ca
86 # file can be used for all clients.
91 # Verify server certificate by checking that the
92 # certificate has the correct key usage set.
93 # This is an important precaution to protect against
94 # a potential attack discussed here:
95 # http://openvpn.net/howto.html#mitm
97 # To use this feature, you will need to generate
98 # your server certificates with the keyUsage set to
99 # digitalSignature, keyEncipherment
100 # and the extendedKeyUsage to
102 # EasyRSA can do this for you.
103 remote-cert-tls server
105 # If a tls-auth key is used on the server
106 # then every client must also have the key.
109 # Select a cryptographic cipher.
110 # If the cipher option is used on the server
111 # then you must also specify it here.
112 # Note that v2.4 client/server will automatically
113 # negotiate AES-256-GCM in TLS mode.
114 # See also the data-ciphers option in the manpage
117 # Enable compression on the VPN link.
118 # Don't enable this unless it is also
119 # enabled in the server config file.
122 # Set log file verbosity.
125 # Silence repeating messages