############################################## # Sample client-side OpenVPN 2.0 config file # # for connecting to multi-client server. # # # # This configuration can be used by multiple # # clients, however each client should have # # its own cert and key files. # # # # On Windows, you might want to rename this # # file so it has a .ovpn extension # ############################################## auth-nocache remote-cert-tls server auth-user-pass # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client # Use the same setting as you are using on # the server. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. ;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel # if you have more than one. On XP SP2, # you may need to disable the firewall # for the TAP adapter. ;dev-node MyTap # Are we connecting to a TCP or # UDP server? Use the same setting as # on the server. ;proto tcp proto udp # The hostname/IP and port of the server. # You can have multiple remote entries # to load balance between the servers. remote vpn2.bytz.io 1194 ;remote my-server-2 1194 # Choose a random host from the remote # list for load-balancing. Otherwise # try hosts in the order specified. ;remote-random # Keep trying indefinitely to resolve the # host name of the OpenVPN server. Very useful # on machines which are not permanently connected # to the internet such as laptops. resolv-retry infinite # Most clients don't need to bind to # a specific local port number. nobind # Downgrade privileges after initialization (non-Windows only) ;user nobody ;group nogroup # Try to preserve some state across restarts. persist-key persist-tun # If you are connecting through an # HTTP proxy to reach the actual OpenVPN # server, put the proxy server/IP and # port number here. See the man page # if your proxy server requires # authentication. ;http-proxy-retry # retry on connection failures ;http-proxy [proxy server] [proxy port #] # Wireless networks often produce a lot # of duplicate packets. Set this flag # to silence duplicate packet warnings. ;mute-replay-warnings # SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. ;ca ca.crt ;cert client.crt ;key client.key # Verify server certificate by checking # that the certicate has the nsCertType # field set to "server". This is an # important precaution to protect against # a potential attack discussed here: # http://openvpn.net/howto.html#mitm # # To use this feature, you will need to generate # your server certificates with the nsCertType # field set to "server". The build-key-server # script in the easy-rsa folder will do this. ;ns-cert-type server # If a tls-auth key is used on the server # then every client must also have the key. ;tls-auth ta.key 1 # Select a cryptographic cipher. # If the cipher option is used on the server # then you must also specify it here. ;cipher x cipher AES-256-CBC # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. #comp-lzo # Set log file verbosity. verb 3 # Silence repeating messages ;mute 20 -----BEGIN CERTIFICATE----- MIIEpzCCA4+gAwIBAgIJAKBkABLXKvGcMA0GCSqGSIb3DQEBCwUAMIGTMQswCQYD VQQGEwJVUzELMAkGA1UECBMCQ0ExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRAwDgYD VQQKEwdCeXR6LmlvMQwwCgYDVQQLEwNEZXYxFDASBgNVBAMTC3Zwbi5ieXR6Lmlv MQ8wDQYDVQQpEwZzZXJ2ZXIxGjAYBgkqhkiG9w0BCQEWC3JvYkBicmF4Lm1lMB4X DTE4MDYxMjE3MzIzM1oXDTI4MDYwOTE3MzIzM1owgZMxCzAJBgNVBAYTAlVTMQsw CQYDVQQIEwJDQTEUMBIGA1UEBxMLTG9zIEFuZ2VsZXMxEDAOBgNVBAoTB0J5dHou aW8xDDAKBgNVBAsTA0RldjEUMBIGA1UEAxMLdnBuLmJ5dHouaW8xDzANBgNVBCkT BnNlcnZlcjEaMBgGCSqGSIb3DQEJARYLcm9iQGJyYXgubWUwggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCnm2M6EwPwbYlCZ87AbMfznla71jhdYLfzZITq 1H5gvyn4fGv6C+w62eSuSIJMuoWvKz2m7pH3Sc0CXF+rbq/PqXm0I2Fl+56eCNwO 1U6SqxFWOTXo4vndjRXZBEM8vK6Jan2X9I5LQpAcx6PXZm7l8DIbhrQLvhMmKli4 JumLDB/rt9OxhG8XznEizxyqhw2kE4F4Yx5Bz3P1Ef8MSXaIlkP/+Qh1u5XAqOAt mR+k5E1gvt2H7BZkwIWtESXsWxN1Qoj2wc9kQmZuP+nSjCXjndJ1/2IkX7yZRWV2 RQPMS5Dii0dwmcL16gabkAqoCZE9/2ZzgMwnLJafS9EztL1FAgMBAAGjgfswgfgw HQYDVR0OBBYEFITJ7Svonr/KJQjA4F6Q8pZVWZkuMIHIBgNVHSMEgcAwgb2AFITJ 7Svonr/KJQjA4F6Q8pZVWZkuoYGZpIGWMIGTMQswCQYDVQQGEwJVUzELMAkGA1UE CBMCQ0ExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRAwDgYDVQQKEwdCeXR6LmlvMQww CgYDVQQLEwNEZXYxFDASBgNVBAMTC3Zwbi5ieXR6LmlvMQ8wDQYDVQQpEwZzZXJ2 ZXIxGjAYBgkqhkiG9w0BCQEWC3JvYkBicmF4Lm1lggkAoGQAEtcq8ZwwDAYDVR0T BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAETG4qaKhHXAb99s7etap4Ceew6M/ eMmJg1Q6BoIbxq1SlNjNBuu8D+kGm3XklSnQ9c8FROdKK3A+s5AHaEbu+JU+vjjT FSoQax2NaQURcO7i3SJF/Gx1BZEVfM4xNx64HEEFpyfdys1wqmMGGN2t9WhVr9HL Bo9bu9lqaDwIacoVzdQ7RLOu3NFUaWwaZQH9YZeAjK9gwXPrmKYtwMf8YI+mdMOS Q6OAfn6PYng7uBtoq8HrecKKrKOrHt8WwLlvX4iZHX8oDNmb1IcO7guXqvwevI1+ ZNgG1LQVe8FermBw/iRSZB3QCY9E5kSC5sItjqu2ZdLUigQpT1R1x0/dmw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBkzELMAkGA1UEBhMCVVMx CzAJBgNVBAgTAkNBMRQwEgYDVQQHEwtMb3MgQW5nZWxlczEQMA4GA1UEChMHQnl0 ei5pbzEMMAoGA1UECxMDRGV2MRQwEgYDVQQDEwt2cG4uYnl0ei5pbzEPMA0GA1UE KRMGc2VydmVyMRowGAYJKoZIhvcNAQkBFgtyb2JAYnJheC5tZTAeFw0xODA2MTIx NzU1MThaFw0yODA2MDkxNzU1MThaMIGQMQswCQYDVQQGEwJVUzELMAkGA1UECBMC Q0ExFDASBgNVBAcTC0xvcyBBbmdlbGVzMRAwDgYDVQQKEwdCeXR6LmlvMQwwCgYD VQQLEwNEZXYxEDAOBgNVBAMTB2NsaWVudDExEDAOBgNVBCkTB2NsaWVudDExGjAY BgkqhkiG9w0BCQEWC3JvYkBicmF4Lm1lMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAsHu+uDj1j3aa+rhfViApat02q4q16vzeX8CQzTUjHPIy94XBOf/a eYsNR4N6eQNFwmfn2GBO86Y0zK1M8V2dw6wAFLvZ2w4zbs7vXO/qKkE9eJ7OaemH 2OXQ9uJJi9KiJ7m5eo31pGE2Ehbt1AGvfClNKTfBcAnrgH+NnSkWZVAf3gQ7P7rY ZW4Ts3kheMJkfKEIBz3rOV1L8Nd8K2AYLcg3bAg/9YScpxDRXdZLjdzYOoWFFhki Z64PpHgzO1E7JBHc5rWlsQ5cLkVJ1fuJqlbrhMV+CuBiid/+X0y0Syde7bB/TWYW 4BeOZ/fTlvpnLL55jZalduVsGyWFZ2pl3QIDAQABo4IBXjCCAVowCQYDVR0TBAIw ADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRl MB0GA1UdDgQWBBQQhexSkYuLMXI+v2lY44gfrQld3zCByAYDVR0jBIHAMIG9gBSE ye0r6J6/yiUIwOBekPKWVVmZLqGBmaSBljCBkzELMAkGA1UEBhMCVVMxCzAJBgNV BAgTAkNBMRQwEgYDVQQHEwtMb3MgQW5nZWxlczEQMA4GA1UEChMHQnl0ei5pbzEM MAoGA1UECxMDRGV2MRQwEgYDVQQDEwt2cG4uYnl0ei5pbzEPMA0GA1UEKRMGc2Vy dmVyMRowGAYJKoZIhvcNAQkBFgtyb2JAYnJheC5tZYIJAKBkABLXKvGcMBMGA1Ud JQQMMAoGCCsGAQUFBwMCMAsGA1UdDwQEAwIHgDASBgNVHREECzAJggdjbGllbnQx MA0GCSqGSIb3DQEBCwUAA4IBAQAkWiq+KBRB/18jSNkAdkOncuzOzQ6mVF5UGxaO jVTV2TIY6g9sQCvj5gTOd/uRIqLd4PVNvtiE5cZLMbUV9jAh3lce3K8jUT5QWVYW w1RSCxwahAPQqGeeEty7wN4cRzhkneyJUtVbdhRCBpQEWCn9BOoFT+OxTYFdiVoT in7Wd1h/lIPjkK8xdLRiI5lUssLX8r/sFtQHSJX+SrM1LIPlfyEV/u5GGfyO7fXU L5A2reNFavFJ11qgcWYG+Lqz9+8pZar5JxdhBa12HdlvL/ITagsF9m18R3OtKvLQ zpf2xEIW4VsP6hrdEjwuSdo/EoQWP06vYEzeWUroJaoIq9Zj -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCwe764OPWPdpr6 uF9WIClq3TarirXq/N5fwJDNNSMc8jL3hcE5/9p5iw1Hg3p5A0XCZ+fYYE7zpjTM rUzxXZ3DrAAUu9nbDjNuzu9c7+oqQT14ns5p6YfY5dD24kmL0qInubl6jfWkYTYS Fu3UAa98KU0pN8FwCeuAf42dKRZlUB/eBDs/uthlbhOzeSF4wmR8oQgHPes5XUvw 13wrYBgtyDdsCD/1hJynENFd1kuN3Ng6hYUWGSJnrg+keDM7UTskEdzmtaWxDlwu RUnV+4mqVuuExX4K4GKJ3/5fTLRLJ17tsH9NZhbgF45n99OW+mcsvnmNlqV25Wwb JYVnamXdAgMBAAECggEAF/jXESL7h/8uUfwVRxebSJ6/vFFdIIw0kIERqi4blOT5 M1IByyULwhK3PQ2I50MgiKWggm2ii8n5xguMNgTnVxrX7/kMQIsPRW/qZ49XGWI/ PVEk7JICF94vojlekBWOXSMHJLR/t1JVC+P9bhzEf3MEviKKrfNK/+tTixN3rU8Z JgVCQ6ZgJDw6edNVh5y/IOhTWck1B5no2RsOPBO9BcOfE0Rn8fWsBGfjgdbr3qmW l3J7+etI382T62WYLPl0eC2TA//OrXOJ8JWYdsiVKdt7kRaq8A4CyXLPIaWMp9UP JsrhdbS0kL02mVmaSWstRAB4sLMFoGYdZJuqhbHIqQKBgQDWPRoeYMZ3cwLLvFQe plQKM79mHVwflAI2grgdsli/h6Xa2xqxep8tjNbknHVae3YlVpJCyJ4DCfmNu2j1 cY4gzxF90oZclSN3kHC0NewZxHq+g6fYOLeexIDAf2xrz8H8GCiNrsL0sg/YmGnd lqOv16COh5fEm8DqKUGkZoHP1wKBgQDS4pXJkBU50a6rHrhw4Pl15uQn3PuJ8Lst utm8tSIAb1x8Oz7KZn1GUmvZucY79/Wz9BS/2L8VJ5IBn6BsA5NS4UeZLnIKjcqW Rv7xaJXouX9OLJctMNwD6nsesC0sFlmf62LIImZVCggweXLTALMCIDXhyY4yXyW4 rbRICBbRawKBgFFWrX3vHCrpvZwAiqeAWtPsxbRNXVaX6SctBh4wQkWliLDJEx9j AOBYYpY1WNDbowWWEr3MUUGyHc9T4gud62pFc8yji2PHM8oHSuMAvf0ifb+rWKRd FEnxLTjoqA9et7WwrmTsfxRMLnv7keYRdWAjq8+xZ0u8HshIlaWHTa3NAoGAbbRb 8bBXqm1vLSvdDTOr8m67sBUgccDezspOLQIZfxpvhV0YrBgnAWctHeWrv1Sd6BCI nsi1lt6v8NJGlQpDILF7Gq/zuZPLmOO0Coe6vIeLN3Kw7lxliE/53pwN08qIs02z ZKOokoKWggkb97J8bRWukhfVNlUS/YC3sWUr4aMCgYAf1SjsphGNnk48CGkrc4KD Ix6JTDxiNV90FvQbpX2pBNIYpSSlprYuhM0erEjvU2c09luXsnjXn1Xs5ahx3gCr n0yh/jJt8wUoZIvBdIA26R90oYfYQecxWTGeiMYSJ+Qcy2TMAzlUrsxgc8iQjMJk lm+hua7q5e5ZyNhIGrgzhQ== -----END PRIVATE KEY-----