### OpenVPN Road-Warrior Server Configuration

# "External" Networking
local __X__
port __X__
proto udp
keepalive 10 120

# System security
user nobody
group nogroup
persist-key
persist-tun
script-security 2
tmp-dir /var/tmp/openvpn
management 127.0.0.1 7505

# Cryptography
ca easy-rsa-2.0/keys/ca.crt
cert easy-rsa-2.0/keys/server.crt
key easy-rsa-2.0/keys/server.key
dh easy-rsa-2.0/keys/dh2048.pem
tls-auth easy-rsa-2.0/keys/ta.key 0
# crl-verify easy-rsa-2.0/crl.pem

# Authentication
auth-user-pass-verify /etc/openvpn/ldap-auth.sh via-file

# "Internal" Networking
dev tun
topology subnet
server __X__ 255.255.255.0
ifconfig-pool-persist /var/run/openvpn-ipp.txt
push "dhcp-option DOMAIN __X__"
push "dhcp-option DNS __X__"
push "dhcp-option DNS __X__"
push "dhcp-option WINS __X__"
push "dhcp-option NBT 2"
push "route __X__ 255.255.0.0"

# Misc
comp-lzo

# Logging
status /var/log/openvpn-status.log
log-append  /var/log/openvpn.log
verb 3