toto je moje konfigurace na serveru
dev tun
local IP SERVERU
port 1194
proto udp

push "route 192.168.1.0 255.255.255.0 10.8.0.1"

push "route 10.8.0.1"
push "dhcp-option DNS 81.27.192.33"
push "dhcp-option WINS 81.27.192.97"
push "redirect-gateway"

ca /etc/openvpn/ca.crt
cert /etc/openvpn/debian.crt
key /etc/openvpn/debian.key
dh /etc/openvpn/dh1024.pem

server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

log-append /etc/openvpn/log

status /etc/openvpn/log/vpn.status 10

comp-lzo
#keepalive 10 120
persist-tun
persist-key
verb 3



toto klienta

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.

client
# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun


# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote IP SERVERU 1194
;remote my-server-2 1194


# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Try to preserve some state across restarts.
persist-key
persist-tun


# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca ca.crt
cert client1.crt
key client1.key


# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 3

Pokud chces mohu ti vygenerovat i certifikaty