dev tun tls-client remote cloud.monsite.com 443 # The "float" tells OpenVPN to accept authenticated packets from any address, # not only the address which was specified in the --remote option. # This is useful when you are connecting to a peer which holds a dynamic address # such as a dial-in user or DHCP client. # (Please refer to the manual of OpenVPN for more information.) float # If redirect-gateway is enabled, the client will redirect it's # default network gateway through the VPN. # It means the VPN connection will firstly connect to the VPN Server # and then to the internet. # (Please refer to the manual of OpenVPN for more information.) redirect-gateway # dhcp-option DNS: To set primary domain name server address. # Repeat this option to set secondary DNS server addresses. # dhcp-option DNS DNS_IP_ADDRESS dhcp-option DNS 208.67.222.222 dhcp-option DNS 208.67.220.220 pull proto tcp-client script-security 2 # Try to preserve some state across restarts. persist-key persist-tun resolv-retry infinite tls-auth ta.key 1 ca ca.crt cert client.crt key client.key comp-lzo # ns-cert-type server cipher AES-256-CBC auth SHA1 reneg-sec 3600 verb 3 auth-user-pass # auth-nocache