openvpn-mgt/roadwarrior.conf

# external files
tls-auth          /etc/openvpn/tlsauth.key
dh                /etc/openvpn/dh2048.pem
ca                /usr/local/share/ca-certificates/Dailymotion.crt
cert              /etc/ssl/certs/vpn.dailymotion.com-cert.pem
key               /etc/ssl/private/vpn.dailymotion.com-key.pem

# local parameters
port              41690
tls-server
mode              server
ifconfig          192.168.200.1 255.255.248.0
topology          subnet
dev               vpnadmin
dev-type          tun
#local             188.65.121.190

# security
user              openvpn
group             openvpn
reneg-sec         43200
management        127.0.0.1 4000
management-client
management-client-auth
auth-user-pass-optional
client-cert-not-required
username-as-common-name

# push
push              "dhcp-option DNS 10.190.32.2"
push              "dhcp-option DNS 10.190.32.20"
push              "route-gateway 192.168.200.1"
push              "topology subnet"

# crypto
cipher            aes-128-cbc
keepalive         10 120
persist-key

ifconfig-nowarn
persist-remote-ip
persist-tun
verb              0