openvpn server config example

server.conf

@@ -0,0 +1,68 @@
+# Example server config for OpenVPN 2.3
+# See /etc/rc.local for additional OS setup
+
+daemon openvpn
+;multihome
+;local 192.168.1.2
+lport 1194
+proto udp
+dev tun0
+topology subnet
+server 172.27.0.0 255.255.0.0
+;client-to-client
+;management 127.0.0.1 1194 /etc/openvpn/server/management.pw
+;management /run/openvpn/management.socket unix
+;management-client-user openvpn
+;management-client-group zabbix
+;max-clients 5000
+;nice -1
+fast-io
+;fragment n
+;cipher BF-CBC
+;keysize 24
+;auth SHA1
+opt-verify
+
+ca /etc/openvpn/server/keys/ca.crt
+cert /etc/openvpn/server/keys/server.crt
+key /etc/openvpn/server/keys/server.key
+dh /etc/openvpn/server/keys/dh.pem
+crl-verify /etc/openvpn/server/keys/crl.pem
+tls-auth /etc/openvpn/server/keys/ta.key 0
+
+tls-server
+;tls-timeout 2
+
+user openvpn
+group openvpn
+persist-key
+persist-tun
+
+tmp-dir /tmp
+client-config-dir /etc/openvpn/server/client-configs
+ccd-exclusive
+
+;script-security 1
+script-security 2
+client-connect /etc/openvpn/server/scripts/client-connect
+client-disconnect /etc/openvpn/server/scripts/client-disconnect
+;tls-verify /etc/openvpn/server/scripts/tls-verify
+;up /etc/openvpn/server/scripts/up
+;down /etc/openvpn/server/scripts/down
+
+keepalive 3 30
+comp-lzo adaptive
+push "comp-lzo adaptive"
+
+# Commented because will be pushed to clients only (via per client-config), not to routers.
+;push "route 10.210.0.0 255.255.0.0"
+
+;push "redirect-gateway def1"
+;push "dhcp-option DNS 208.67.222.222"
+;push "dhcp-option DNS 208.67.222.220"
+;push "dhcp-option DNS 8.8.4.4"
+
+status /var/log/openvpn/server-status.log 10
+status-version 1
+log-append /var/log/openvpn/server.log
+verb 3