{{tag>openvpn example}}

====== ovpn file example ======

<file openvpn file.ovpn>
dev tun
proto tcp-client

remote vpn_server_ip 1194

# route to access local network (192.168.190.0)
# from vpn client network (10.21.21.1)
route 192.168.10.0 255.255.255.0 10.21.21.1

# tunnel all traffic through vpn
redirect-gateway def1 

tls-client

user nobody
group nogroup

#comp-lzo # Do not use compression.

# More reliable detection when a system loses its connection.
ping 15
ping-restart 45
ping-timer-rem
persist-tun
persist-key

mute-replay-warnings

verb 3

cipher BF-CBC
auth SHA1
pull

auth-user-pass

<ca>
-----BEGIN CERTIFICATE-----
...
ca cert here
...
-----END CERTIFICATE-----
</ca>
</file>


<file openvpn client-example-2.txt>
client
dev tun

proto udp
remote vpn.example.org
port 1194

resolv-retry infinite

nobind

persist-key
persist-tun

# use this to point to certificates or embed them directly in file like below
#ca ca.crt
#cert client.crt
#key client.key

remote-cert-tls server

key-direction 1

cipher AES-256-CBC

#Uncomment this block to ignore the pushed DNS servers and use your own
#pull-filter ignore "dhcp-option DNS" 
#dhcp-option DNS 1.1.1.1            
#dhcp-option DNS 1.0.0.1

verb 3


# embedded certificates
<ca>
... CA certificate
</ca>
<key>
... client's key
</key>
<cert>
... client's certificate
</cert>
<tls-auth>
... tls-auth ta.key
</tls-auth>
</file>
====== Tested on ======
  * Mikrotik Openvpn setup

====== See also ======
  * [[wiki:mikrotik_openvpn_setup|Mikrotik OpenVPN setup]]

====== References ======
  * https://forum.mikrotik.com/viewtopic.php?t=116780#p577403