##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server.     #
#                                            #
# This configuration can be used by multiple #
# clients, however each client should have   #
# its own cert and key files.                #
#                                            #
# On Windows, you might want to rename this  #
# file so it has a .ovpn extension           #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Are we connecting to a TCP or
# UDP server?  Use the same setting as
# on the server
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote gw-spr.oopen.de 1195

topology subnet

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server.  Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Try to preserve some state across restarts.
persist-key
persist-tun

# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIGzDCCBLSgAwIBAgIJAJa8ImRNIVSZMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMH
VlBOLVNQUjEQMA4GA1UEKRMHVlBOIFNQUjEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGUwIBcNMTgwMzE4MTYwMTU3WhgPMjA1MDAzMTgxNjAxNTdaMIGeMQsw
CQYDVQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzAN
BgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UE
AxMHVlBOLVNQUjEQMA4GA1UEKRMHVlBOIFNQUjEdMBsGCSqGSIb3DQEJARYOYXJn
dXNAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDEhmCg
nhfyO/Z8q6/cyBTn7/K74AJRHl+8sUv/YFf0AOTgIrO93qdzDZf16IioZ/2+lg5X
0exZGcXCIEOnWlrnDiVYYsVyYrCWOhhhLBv5Oe+OZCOwWEBY/+/M9Zp2OUgS5zJ6
1DX4rtmb+WsAjcNJJmZV6q9M0gEZsuCfpgrNGADpuTCEa4RMk7z4mG/yjh0dkT1a
RT2vAYD2RgUdVyR/xFQNflWh101i06kKwrJOuBT+iopBbyz3X2NkkBba+F9qoOpJ
3NiOr4UfIMW6chUQiF1+8/PPtVIPkYFjNpUF5l1HXQBjwRCZZPYog1w701jN0G4u
9GH6ZJjCBzvuSS8lo5jMdUillMh7EoCNdZTq+LgM8ZAro6GJh9oOXf3YL3RBMTfX
aLFTxHzN+PCG53buZkNiM23OaackKyeOhXbDIQwiaTOcANVGpXrh63Qoj7BFbKx0
pLTynp6IUXBbsE+ToX5y/BAtm8Q4DXLLe0h82zJIQ/ZBhTorQaMbi0VpLD0zkamM
YWdZPVnAv+SOAt/uVVLN9aFUZO4V1ebBKVhYY56iW/OlugcSNo7vRcrvBFLI9TLU
cS9euI4HxKldRZOejoTIbQXVEV7fZ1v1YHC7dafW/YJIJTkliTCQ05E8eiW/0zQd
V1DWNIiPBOKm1LnMkVr+Aa1JpgpcEEN7ngMvswIDAQABo4IBBzCCAQMwHQYDVR0O
BBYEFHSigxuV60X8ONBxrGr1ItbazicLMIHTBgNVHSMEgcswgciAFHSigxuV60X8
ONBxrGr1ItbazicLoYGkpIGhMIGeMQswCQYDVQQGEwJERTEPMA0GA1UECBMGQmVy
bGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcGA1UECxMQ
TmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLVNQUjEQMA4GA1UEKRMHVlBO
IFNQUjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQCWvCJkTSFUmTAM
BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBkzH3PqKEHjXZytQY7usSL
6uAjH2jMhZb96GJpMNdpgzntACGjYl80Vxtwj0aIAYyOyIbfA9VyZsnc4dsYqJ82
bN/K3AlEHeMBaxhrD6qOdyoXkwjx80WfvtF/FTyMHxsCIR/N2l0BM6THKOLMZWB2
TmY/QBBsD+/nSwy/4JOeeJvtxuY0IXu0aONM+n4tDoVO9O7EyvpzcfrT/SosbtBB
mBI1hH7/ThmXswvcrN7rCn00yaJC5Qv9HN4osKihzgigS5jh4lOYAvXhxTGU9Nzm
kH21ONSNZql/mZCfs97RaoM7l2Uap5ex5vPA4BJvQ4WXWL89GYJGwTuOmIf77aX3
Aoxl8ntuiE9R9oQKqcFe9uW25c1h1o6DRglc6oBEP1T40Ni8b/cTnwSeES4RiYAK
ScSturvc/Nj2Z5nzR5iVKo/mW9SBHlbk52HvsIIhFRMoHahIcv2Z4+nyUPMlJCly
lvp9yEFCnjwVbc3ruUqtYQHDxJf/SkBxuCLkN7W7W2voq1mOSOl3i7Aw2zf/kmG7
BTLQVfIkUKLR6F2erz6QdEn8mST/Niz0la9mfK34ZgdG0zFZ0j5lLC3YnW91lr7B
hlwVD/nIqjSOFLHdK2d/lefY1ZHcTbs3fUA8oKp8CdJb1NhfUWprigKHsSVHyqJ1
CAgKxVPrsd1y2i/Xhg74YQ==
-----END CERTIFICATE-----
</ca>

# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHKDCCBRCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxEDAOBgNVBAMTB1ZQTi1TUFIx
EDAOBgNVBCkTB1ZQTiBTUFIxHTAbBgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRl
MB4XDTE4MDMxODIyMjAzOFoXDTM4MDMxODIyMjAzOFowgaQxCzAJBgNVBAYTAkRF
MQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UEChMGby5v
cGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2VzMRYwFAYDVQQDEw1WUE4tU1BS
LWNocmlzMRAwDgYDVQQpEwdWUE4gU1BSMR0wGwYJKoZIhvcNAQkBFg5hcmd1c0Bv
b3Blbi5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALnzXmkGe5c+
RW0VwkXg4e6ePXjxSQzq74RDNxvKxfwf7CoRBhP6yzQ2XfmZvumesqHHPbI/YjMJ
Dac9lYKcBMYSAS+IW6WqPdC8NYmpGyRQfvJhoKlxFkDyTD5pOT5S0wXBJf+eZsJp
H6glWboaJdz/4JpOOPFFGOrxVQyjp0YymCZv3Zc0nsqUhKcgxXTDm09G2oVze/X0
mju2p1SK5alCyudadE4szi4XQSSctX4YGQ71w/jv7yVnARdIAL92YJ/Xx99wGlWR
dolMUByrLZYYphEciNZSwXAyHXi/giXteUR5/IuaZ0FAzgWYDldKb5kD4CWzp1tP
vlV2aw5kiawHzq27TE7sXJfC6UTnp2GIfXAqZ7S9cHT1D2YDMKrlUfMnbBrwyZVg
rWHlUN6Gf2lmaGnc1loqk19J9v5uf5sD/QiI2R23X7xIxqfRx2QX28vPGUvgb6qI
87/kpPGeI7q6KAXTW6wDDyhvhTqboSP7xNB/W6Yqc0/QFs2PxHTTBRMZmEkRk8Vd
+qxKwZYLK/4FucQHGWem6xF/XNYwJ/i7WGC4hjCvATN8JZNRCLPoEPrwZtuGiwD+
jwXwQyX+djjjbkpo6NJGhnaYAQMetXYuGWEvhMzEEhLw7muVxBDIt59VA5lfSy+t
jeRzWaIJl1IA3N0GQE9YZhMyUt6AlMmvAgMBAAGjggFnMIIBYzAJBgNVHRMEAjAA
MC0GCWCGSAGG+EIBDQQgFh5FYXN5LVJTQSBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUw
HQYDVR0OBBYEFPEa0Qzkh0IB8EoZTuIQl5h6fygPMIHTBgNVHSMEgcswgciAFHSi
gxuV60X8ONBxrGr1ItbazicLoYGkpIGhMIGeMQswCQYDVQQGEwJERTEPMA0GA1UE
CBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNVBAoTBm8ub3BlbjEZMBcG
A1UECxMQTmV0d29yayBTZXJ2aWNlczEQMA4GA1UEAxMHVlBOLVNQUjEQMA4GA1UE
KRMHVlBOIFNQUjEdMBsGCSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGWCCQCWvCJk
TSFUmTATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEAYDVR0RBAkw
B4IFY2hyaXMwDQYJKoZIhvcNAQELBQADggIBADqIgd5cpkF8Q1hUrHhJHo0CIyio
01zOCKQprLum4s8f1B08qUxwOlc82UCh6t/CjN/hYbQzhHth/pZyXoAJXj1AkxMt
vmapyR3glVjxbwHC6sNj6hZDDKNXnkXLYXszTQx10pWpP51HzgkOWxUJ7qhWW/98
RHCkvUkft7mfrHe/QuhkYXvgQjGJI3Z0Ab8ZsCh6wSdqEU0QcJOYQKNbGjRI9lfD
TE1NNVjRtmcUaFPSlLWYuPAr4/UBW0pJifcC6jUtzmpPfs4pkrq/9JdUpO9H2y17
7TSqU86YXkBf9apxu3l8vM+UQRdB69js+5OSNvtZwyyvmUr5JOujM6bUCN+PWco8
pydvUNzIYC7H8One7giVV6Q20XSoMd4suR7W37jAkG02FbUHhOwFodtF8oo5UoLu
EdB4m6ul+Qje7QsRT70BNFxyAUzXsFIW4qfk50Ay8XDlnBzGft4LDsPhmmDMdWJq
Kt92Tfp5AdH6ga8i3LW1CxsNZFdlF1jXvRd6o5LwqEzEZwV8H/U8I3mUrCysouqw
3bp68Tc+cQ25bZS16u5c17xh5VMvIbVTzR1IHURhovwcY98212h+J9bsx7RvjMCI
wEQu81pjNu0Yx6NubhFJQ6pI/1NeF4I7H/Ksr4D1ng0G7xIOYx9yphVI0ZSoHH97
16CJQbBARZ0gLeJr
-----END CERTIFICATE-----
</cert>

# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJnDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQI3P+UTRrv91ECAggA
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECIGofT8rXdMtBIIJSMRkl94ROVWC
v/madZNyDie+Wlec4pGWYgur/dfgeQyjMEleu642IrvRFgJwdZOhEEIDc/syOHzx
Hiy6zxvWcnMAfzQKwHcMI4HsOcqtZKiA/UZ+mXIH8H0HW62N8WHpryqpVyZC5EZj
0bFaulmD7rV0MtYS2z5pfGLTnKvsDIE3rMvwyZTcRSA6Zt3bOxsJN+SjD4AlmJbk
XERauxx47EmvPle3aIna625eIQjfniLxrEq0e5E8FQdZipHzqKz3Pub2bepAbmFO
S3t1Eqk3DkA1mG5PKog1IrTgFAJ24tk/EZuFLzGEL0Wc5hdtcIijJh0Us8w0lWJ1
RMp2+Pr6zMZSK5L1GYubi0IfASsAmBPewLPt/cUqdNuaCFc1dUuaX2/1gtBl/G16
s6GFwjK8BhMuYi3Z2ehwNCA2koWA9nGbWzT4CSL63Znupc0ieCBob1UqrbtiaIPn
xMFrKvO2wdnDJiKyNVCx3jUeN7700E2BCdS/G1WLoocQZTooQGJIpWUhcjvf6wXa
AZhz+z/uFBXslWEB4O3t8VTk2M2/dKqJOg6yg+MwpAQSOd/8ogV0VOpft5GD/t4c
6mgBs5lwtau7GbTFj060X15znpzvtPRUrNbL5QrK9DpLw+vvYB+IwCq/CVpjjchz
g3nkpPw0O0gzGf6AEBJLGsfGljifMc1pDd0KNNkAweZSOg5XufFJpjiFnuXS5Puo
O+vnvy0iie1e0KzMBrWJWY1vt9JuNRI85qNcftRNnyboQBmnnBAvdA5hiYib7+lY
akB6UNwkREl40/FsDYxJl4yLbtUC/Lr1hEmyQt4ZEI9v96nW/L0/qlOyiYNAP1r0
/PEKfRKn7uMZnJXZ0SYf9uMfdy8M56DYEEG3X08F6MWVbEozGbbF8l46FH/9cqFp
/crtnJZi/1W/A12wmzSgGk2zzLtr+drZ8w/rO0sI5Ptjh+G1dSqSTobCb0bOC7+t
H+6vesuSAdEQuxasbleh1IyBKkPRwNf4FqAumFfZDKlh0+PVw/waSEIcg5Ef4whV
EI6rUHigVoZ7AtU/XsjJ3YkRulBXgIOVNCHCJqd8tRqgc5dUeG1652L3q5sIljtE
nT1t/CEGOd+/rjLwbYl7ZdW3E67QovB/CRIh/B23u4jsbdBkZgeRINcrwbOIXE6t
jhzO6uGjVuu/6VxMBRSSfxvIsMVCt1rDumadckn+MMOM8E/jT7qN+5QAurdSVnPq
d7R6M14Jlz39NXXYkdAjNpAH9XX+8y/isOD1La6J+bcxpO7BqcAlQTzhgwB56DrN
UZ234vaAW1hNtSjNS0e3jZ6noiEjfG6qOw5+DxtXLP9Rq5DwjPrIc2dscY4//foM
u1NvDB4SloHVy1r01sEA5OqO4KyJsxXotKMeY6k92c2SmP7E461UHLn54LTLOs3t
iuzug6aJh9nK/NOGprJoNgI9C/46phTTfPE73eUVCpbnbd46dZ8qpMnil4YIpk1L
+mOZCDOQD0H1CmFRXu+EzZsZLDLFjLtKtiGO/ifxs+zdNpLCcJyycPy44zteoMFq
mra1b3hFgGestzHz/2ANY6gIe5sZikZVXgTRP9oZYQ7Wm0c1PVqQ003n60hJlajx
a+EItIYkQl16BZCBbanDuKwofXmxtGZXtU84qcRIzs6X4NSb1N+0xwBC0TM+xYnN
ZmX6hkj/ELYbrktcML6yJyDJz2UvMRaORBnrUjfisJ8dUFSKX6J0JCQ5IMSyZjeL
Vzv7CRKFQ3VTvWgAtY31yjpNrr6oHJQ+Wk8B987IAKIKqIBH+RYiBlf3jQVrB3vl
kQ93LqTXw2Iiapevb0fEREwoU9qEC/lTv39nrYIpHXMlpfQqFLGMPgS1VP5fQzrU
QET6SCxYaehYT64aWBARpYUcwc7xMA8WwLc40f1JfXvmbIZ4dC4OZeIHNyy+kDu2
hVKL7bI6jGZVTmFKGXYF9iMjiV8m4q19WqgvBkKZFzmTAZ4gasieHtOi+TzrEH+u
G06wcEilg6o9NS2JkNl8H+ReOasnhPs/nuWZlB7hUNXnPA6QARQGZEuk6lKAxl6V
zjtniLdRsZwVBKb8lExcP+BQ0KovnaLOzorFdISlsuOCwt4YWUbQkN1LMDMd1bq9
Z3ThemCCOvn4C/Ez6DzFul22jTj8s5XPPZXUKEpu8p6Spt7rCYA8+MLoYmeS1Ztu
L4ufZler6891KMkn2mLhSb91IB/5MDomgo9H9rBJA5JWa6hG/QV/wTxR2WkKuJAv
IX8Zkhs5pQBTh+WDf9W5ftv4fqqowEOOztN+XotNAqaSmTE8vTxjePbnDAX5+iyp
s40aHaxj9BFZrj0/Sp0StL9OzgV8qN8rxeblSoBFU0nx3bTAp76CM6fvp0XqK0el
Ua6PdBBHKmp0RQoguX99cz3WYNqxTWMWE8c9aoXakBGff1Uz1Qgq0Y7kFnaXxCRM
aUbkPMBOeMJrt1fQQWSlzurYXAO8pPn63uzZGhiplYh6fJQ3m+8m+AYGwzLTXEkS
Z88Ox1CCdtR40brDba0pvkRNfOkD8wGpe2uYcAjnhc2MF5DeZf+8syxRnTBYsud9
dBDCjQkYUKEihmqz31SjojoxaYutFkEe5//Nov2BxxoyVHtpjmLWtEdhVTAkcYTt
05aO30leUBQ3IX97K68s6GFA1nJCe5WrcpCgjA/718N5tGuvc53zACLzpdEaCm5g
2nowfRP/lx/faFCC1/ePjlT+1g9BJiaqFBaWR2iQ9VR8nKNws4ULCu6uNr5xtpG9
LIw3C6DrBWtzVHAiZvz6Ufma4u5TlFxR4IlFS2aY7QzL9+EYqrogZUZIvDH3nOHs
qS/t+CBbItxpb25X5EI/jruhmHplgHmdqdstRtyxjObEOdm5TV4+oRTIA6YYc4Cz
TXrdjDkOECV+U/OYzHWxKFyCarn6d81pRu79RuksIhE0uAd5rxT5uJlzf9UuQjFr
63XCVmLnVXuF4qpdfT7lj0cvtGz/Z7itSPgR3gzu/VnR+u+kdAvRgtDg0BJqV/Om
vJLAnlJxc0bhwVmWB6q1Tmy3ZpDMsEGz7fLsbUQp+TcjNfrFCTrRgMppUdET5fFc
8+kUQiLjZYYYINwpeS3cU+5tOtNNsnbgt1xkvbQvJ7qEjL8wF3J4j62M36dKCo5p
LOq4p2liZ+06x9mtaX7NIg==
-----END ENCRYPTED PRIVATE KEY-----
</key>

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server".  This is an
# important precaution to protect against
# a potential attack discussed here:
#  http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server".  The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since 
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
# 
;ns-cert-type server
remote-cert-tls server

# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
0f871c0affde12bf4aa4c3683db554ab
5b289badc22171c46f4fcf749b94c3b3
fc8da02a98f067a6b624e3755ff08e28
6c74f622bcb49a31b94bf9e9e9619fd7
2949dddce9997bdd6b8c08bf7785baba
54267e89eabf34f4e729d09dad95fbb4
f254ed52de9287436f718c138f29e927
36a77a01b8801be92da98eec772e1d9f
eb568dc508531ca7dbb92af3098f812f
4b7bcff4c0badbd34b6e168fc7312da1
030559d8278ea9d2ac200da87d4b9283
8994c85e9ef639c82214107f12d67f9a
d71ca5d6a991bf778222f8a87eb99009
1e1de4379406d4008daf98437ffe0e98
0dd90d7d41239a14489e6d077740e97a
90b30b8b8f445e78073ae1f365601bb1
-----END OpenVPN Static key V1-----
</tls-auth>

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher DES-EDE3-CBC  # Triple-DES
cipher none

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
;comp-lzo

# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1

# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull