# Use a dynamic tun device. # For Linux 2.2 or non-Linux OSes, # you may want to use an explicit # unit number such as "tun1". # OpenVPN also supports virtual # ethernet "tap" devices. dev tap # Our OpenVPN peer is the IP of the server remote VPN_SERVER_IP # 192.168.69.2 our local VPN endpoint (client). # 192.168.69.1 is our remote VPN endpoint (server). ifconfig 192.168.69.2 255.255.255.0 # Our up script will establish routes # once the VPN is alive. up ./client-osx-up # In SSL/TLS key exchange, Office will # assume server role and client # will assume client role. tls-client # Certificate Authority file ca client-ca.crt # Our certificate/public key cert client.crt # Our private key key client.key # Use the following settings for optimal performance. proto udp port 5000 # Use the following settings if you have a fascist network administrator # who watches network logs attentively just to catch people like you # proto tcp-client # port 443 # Downgrade UID and GID to # "nobody" after initialization # for extra security. user nobody group nobody # If you built OpenVPN with # LZO compression, uncomment # out the following line. # comp-lzo # Send a UDP ping to remote once # every 15 seconds to keep # stateful firewall connection # alive. Uncomment this # out if you are using a stateful # firewall. ; ping 15 # Uncomment this section for a more reliable detection when a system # loses its connection. For example, dial-ups or laptops that # travel to other locations. ping 15 ; ping-restart 45 ping-timer-rem persist-tun persist-key # Verbosity level. # 0 -- quiet except for fatal errors. # 1 -- mostly quiet, but display non-fatal network errors. # 3 -- medium output, good for normal operation. # 9 -- verbose, good for troubleshooting verb 3