# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
-;cipher x
+# Note that 2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
-comp-lzo
+#comp-lzo
# Set log file verbosity.
verb 3
# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
-;cipher BF-CBC # Blowfish (default)
-;cipher AES-128-CBC # AES
-;cipher DES-EDE3-CBC # Triple-DES
-
-# Enable compression on the VPN link.
+# Note that 2.4 client/server will automatically
+# negotiate AES-256-GCM in TLS mode.
+# See also the ncp-cipher option in the manpage
+cipher AES-256-CBC
+
+# Enable compression on the VPN link and push the
+# option to the client (2.4+ only, for earlier
+# versions see below)
+;compress lz4-v2
+;push "compress lz4-v2"
+
+# For compression compatible with older clients use comp-lzo
# If you enable it here, you must also
# enable it in the client config file.
-comp-lzo
+;comp-lzo
# The maximum number of concurrently connected
# clients we want to allow.
# sequential messages of the same message
# category will be output to the log.
;mute 20
+
+# Notify the client that when the server restarts so it
+# can automatically reconnect.
+explicit-exit-notify 1
# Our pre-shared static key
secret static.key
+# Cipher to use
+cipher AES-256-CBC
+
# OpenVPN 2.0 uses UDP port 1194 by default
# (official port assignment by iana.org 11/04).
# OpenVPN 1.x uses UDP port 5000 by default.
projects / thirdparty / openvpn.git / commitdiff
