# OpenVPN server configuration file
# Use port 1194 for TCP and port 2295 for UDP
port 1194
port 2295
proto tcp
proto udp
# Use tun for the tunnel device
dev tun
# Use the local network address and subnet for the VPN
server 10.8.0.0 255.255.255.0
# Use the server's public IP address for the VPN
# If the server is behind a NAT, use the external IP address and add "float"
# to the server configuration file
# server <external_ip_address> <netmask>
# Use Open HTTP Puncher for NAT traversal
# This requires the server to have a public IP address and to disable
# any firewall or security software that could interfere with UDP traffic
# If the server is behind a NAT, use the external IP address and add "float"
# to the server configuration file
# server <external_ip_address> <netmask> float
mode server
tls-server
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-RSA-WITH-AES-128-CBC-SHA
cipher AES-256-CBC
auth SHA256
dh none
ecdh-curve secp384r1
tls-crypt ta.key
keepalive 10 120
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3