# server = (--ifconfig 10.0.0.1 10.0.0.2 --ifconfig-pool 10.0.0.4 10.8.0.251 --route 10.0.0.0 255.255.255.0 --push "route 10.0.0.1") server 10.0.0.0 255.255.255.0 dh dh1024.pem ca ca.crt cert server.crt key server.key # Note: this must be transferred to the chroot jail crl-verify crl.pem push "redirect-gateway def1" push "route 192.168.0.0 255.255.255.0" dev tun user nobody group nogroup # sudo mkdir /var/cache/openvpn chroot /var/cache/openvpn status openvpn-status.log verb 3
# --client (--pull --tls-client) client ca ca.crt cert hex90.crt key hex90.key ns-cert-type server remote server.example.com dev tun user nobody group nogroup # sudo mkdir /var/cache/openvpn chroot /var/cache/openvpn status openvpn-status.log verb 3