##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server.     #
#                                            #
# This configuration can be used by multiple #
# clients, however each client should have   #
# its own cert and key files.                #
#                                            #
# On Windows, you might want to rename this  #
# file so it has a .ovpn extension           #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Are we connecting to a TCP or
# UDP server?  Use the same setting as
# on the server
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote gw-urban.oopen.de 1195

topology subnet

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server.  Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Try to preserve some state across restarts.
persist-key
persist-tun

# Server CA
<ca>
-----BEGIN CERTIFICATE-----
MIIG5DCCBMygAwIBAgIJALp/KJ1jL7feMA0GCSqGSIb3DQEBCwUAMIGmMQswCQYD
VQQGEwJERTEPMA0GA1UECBMGQmVybGluMQ8wDQYDVQQHEwZCZXJsaW4xDzANBgNV
BAoTBm8ub3BlbjEZMBcGA1UECxMQTmV0d29yayBTZXJ2aWNlczEUMBIGA1UEAxML
VlBOLUFOVy1VUkIxFDASBgNVBCkTC1ZQTiBBTlctVVJCMR0wGwYJKoZIhvcNAQkB
Fg5hcmd1c0Bvb3Blbi5kZTAgFw0xODA3MDExMjAxMTBaGA8yMDUwMDcwMTEyMDEx
MFowgaYxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJl
cmxpbjEPMA0GA1UEChMGby5vcGVuMRkwFwYDVQQLExBOZXR3b3JrIFNlcnZpY2Vz
MRQwEgYDVQQDEwtWUE4tQU5XLVVSQjEUMBIGA1UEKRMLVlBOIEFOVy1VUkIxHTAb
BgkqhkiG9w0BCQEWDmFyZ3VzQG9vcGVuLmRlMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAwqxYiLmI2l30o0GJ0tFrt8G8pHrhuIUbgmaKpv+nvkDVZlYi
x7e36iGcswVwFrCRMkDSZk3assH95zr+psTDDpcsLeXg6t/P8m4Fa+nRpGAnJiRG
kC5C1gi6mzQq2exkyK/N8uEN1i1uRSm6bg5SYoY2kYid9t2wzkvw/oRpee3orrGX
T0L0V7gQsBXRQMPkDdcsXiS6yMC/BiucNZ7aTNm0ZFJW/FrtFK2fq+zhfKMffe0q
ZEBC9kpJvo12u1TVE6udnBqEa7SdDTgZdIJt2bWeI700WQd/wbxX2+pn+mMvzwnz
ArIkMkAEg8XKRvvyTTZFXgLjNie03mfT3Rhdaren7SW0Y9ZP5f9RWiqaUVPwbc4L
Y0rHuxDOn26GM5lcMUcDH5mqhe/7jOeGFNWNjvMzfwud1lGNVWjM9RLLhvQnZmJn
RCuCiP4egh9eZ537XYvnf9tEfZibeDZQbeJ+RXHfcPb4QZbTXfyah8A6tw4SN3DY
BA5S0f/5RJ58K/HqUk63zTMLDTQ5xxnh9H6t0dj0d1hKZdBGJ4J+h94aSBWd1yDj
0ihEtuMlkmXlb6WuMCu7WfVjveq+Y0cbyP7j8Eydr4mKNUGSLSr36OxBaaj84MqN
/SxgR/WC6cd2sIfI2arqBfs6Ofh6SnwY7QthrolPGBkVltemHIFOXNPRFakCAwEA
AaOCAQ8wggELMB0GA1UdDgQWBBSDzgWqdk1v9fZT1ZAGuJmamsq/yjCB2wYDVR0j
BIHTMIHQgBSDzgWqdk1v9fZT1ZAGuJmamsq/yqGBrKSBqTCBpjELMAkGA1UEBhMC
REUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZv
Lm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxFDASBgNVBAMTC1ZQTi1B
TlctVVJCMRQwEgYDVQQpEwtWUE4gQU5XLVVSQjEdMBsGCSqGSIb3DQEJARYOYXJn
dXNAb29wZW4uZGWCCQC6fyidYy+33jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
CwUAA4ICAQCpZ/wJ4P99jqlzsvxt/xr9vmaseN40KRUiVhNMI4NArL6cxNw++MX/
yYIw4lk4BtBtMxidcgBnubtck5wuCeLco4HBYnXcLOJT6kJkZQ7ruM9Q5gwaYZFq
HWNJFDQhMO8x1sbf7QzENmg9UsZu+9ugA+MZ30gnWBLWW4BfB6YuHQkRmE/i9gYn
AGwiokUCem4hKUiN+K4rOmPFgtJN5rY9Tv0cu4dvY93lz+e9kvBj2qHTydTBvLM5
YdxuZ5YN4dLEvpI+PIlJCS78Z5fISake3oQliy7sTs77cYihQ4AgWTo4JO/sX6Z0
VyV0Y8qGkMhcWJ9p/6y4XpatBIDmzuvauRUFR8U6qLknWDgFpEeppqUOU43y1Kmq
brVBRFjqfiJfYSOOr6lUkiJkLOHNAbHsNrtQLFnr4PHsegIwPLC4hRjmZjlrkUiW
GV/+QUeNahFkZ6PhaELXAzmwi2oDkoszssMIXbwgtzq0T8svlJXZUEfzY+O/tVOB
uQ7qgA2fKzGI1/F0Qzm5TV/bxhP8IzHPUiEWHaQbJkTzUW8oe9l63KxtEysw99to
mgxxeMVvxuRxswkp77j/he8B95VHIvYBtVzTRPLfXwhSSeGgZsriqORXqhInNGi8
+yEXH4slS8QSBi7fLkgk7Fkl4HLNSUqstdOyJuMPr9yfgTg4Mhb16g==
-----END CERTIFICATE-----
</ca>

# Client Certificate
<cert>
-----BEGIN CERTIFICATE-----
MIIHRjCCBS6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCREUx
DzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYDVQQKEwZvLm9w
ZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxFDASBgNVBAMTC1ZQTi1BTlct
VVJCMRQwEgYDVQQpEwtWUE4gQU5XLVVSQjEdMBsGCSqGSIb3DQEJARYOYXJndXNA
b29wZW4uZGUwHhcNMTgwNzAxMTIxOTU5WhcNMzgwNzAxMTIxOTU5WjCBrzELMAkG
A1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8wDQYD
VQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxHTAbBgNVBAMT
FFZQTi1BTlctVVJCLWd3LWNrdWJ1MRQwEgYDVQQpEwtWUE4gQU5XLVVSQjEdMBsG
CSqGSIb3DQEJARYOYXJndXNAb29wZW4uZGUwggIiMA0GCSqGSIb3DQEBAQUAA4IC
DwAwggIKAoICAQDP0fPI9wEQUjhMSG908UI1fMjhpdaFsoaZZpFHJtbNbdIoGw7s
pLt4MDHoTlxX+wQNRyE+ISKTcBcna57LhLiukdPXrJlF/ETr6vo/lnA7PGa9hnJv
hzJinSG5DdP1KMpEGAbtWb6T4FFFWzE7r7lPrch3ZnEqhxdvug+MKXCtV2uZQy18
k52ddaRTFAjVr9wSir/e2rwxD+7+448L+ZHs839zxQkCgw2hzCbrCaMPO/RQ5Cwf
jrHN7pyVt0nCead80Fx/drh0xPk8bF38YcKGFwPI2lC+P7A4IkImJ4e/lOt+Lz57
6xXMq31qkvi8MIYSMiA+2Ou9UWsj/mNulGzUqp2wtOxbaA2oE9KMGQw3C8HkX4l/
g1wOZoWfb4whURTrM8pBd2UvS//7FUG23yoFtyD0kzERFvTT2Es3whKineUtHxAp
Dhf0mXT5aiS45Gpue8Eh4Lzl/SBan+WtbYiGsMUXcdyC7aoXMGuRveEV0BjO5hgm
K4vTpgdXfM2vtIj//eWERsm3SBtk7B/MEqIS9Xkz9ELIObcBSxlPGhnaJAHLrVcl
bRm7DNZqN1euWAnQaJyRtNEyXUx1heWzCECUY5L5vxLqQo0GJ67oA5VFV2duMTDI
chMBB8UlWNoyNDBlfWxRgH9I136xkZplNk/cSVaZw7RL/sQNz7gVrfwOaQIDAQAB
o4IBcjCCAW4wCQYDVR0TBAIwADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2Vu
ZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTkCKWUHjo6HlsxCDXAVDI4N7kw
EzCB2wYDVR0jBIHTMIHQgBSDzgWqdk1v9fZT1ZAGuJmamsq/yqGBrKSBqTCBpjEL
MAkGA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMQ8w
DQYDVQQKEwZvLm9wZW4xGTAXBgNVBAsTEE5ldHdvcmsgU2VydmljZXMxFDASBgNV
BAMTC1ZQTi1BTlctVVJCMRQwEgYDVQQpEwtWUE4gQU5XLVVSQjEdMBsGCSqGSIb3
DQEJARYOYXJndXNAb29wZW4uZGWCCQC6fyidYy+33jATBgNVHSUEDDAKBggrBgEF
BQcDAjALBgNVHQ8EBAMCB4AwEwYDVR0RBAwwCoIIZ3ctY2t1YnUwDQYJKoZIhvcN
AQELBQADggIBAGSLlF/gaiE1+iVDbpLaWSASfGuZfxjXOemN+czikzy9nO5RDqkh
17oJIavuj5ROf+wBMUBqTPUiVKlfr1zMkXbm3V69zmssAMOhMyobg0hk0E2GXtrw
Tb6vxwFqaUukOcjX3u9PlGezewo/WuQJYH66efsAmgkqUgPLxN/SXCSbK/HC+l67
YuQfXoHqZQDZ3Ew4F1m61QnQJcUVKOQVotLWeKBy9QauP2GTpYqMmqbKXSogr975
SdapRTQccsaTrWHd1mgsFn2XZlcIkfq9/w1oILS+uptg8aG9NeZRJoSRZQnyfhfV
ZISXever73fqVUfh0ee5rPVdqzdUiY5f0R4rW+Y8MTjo6d1YuvPJYxrtKtn6ZlLN
uYwNZHjC0yPpo5tX7QXlUhtrMtg3nPrilO07opRKm89OkM78FTbgpSw/x/oDwQY3
RVYMQ0wJulAgUmwy80jgYB+HwkIaIROW2abd8XX4qBXCwV2N6MH6PePl1ttx0Spm
pVevqkOLIi0zpyjR0qh/pnGnbRWFhztgkvaIfStAk08KMNFgRekx3omHE2/KmRDf
azsDLHjw9SxMb3Tx9gMnmkV0rxM24VuRbWNh4KPNQaO7jeDf6it84y53rT34olcL
lF5jjfmPMuHiPJauPOw/wWRwFrh/hF99ncdO8c8JNJwOibrXvjidhzAC
-----END CERTIFICATE-----
</cert>

# Client Key
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIJjjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIVPXPy9FjUjECAggA
MBQGCCqGSIb3DQMHBAgeJeDimzYzlwSCCUg6NduONv8wnwx1hQtK24FFJF3dsFN9
sH3ar+oS9CBXyKKKz+Kj2QQcPuEHyD/Ex2KKaxrBLCIh4iHNo23ZoQTvdXpYvAsH
AJLeknvhYFI68hGWj69cGMS+huY/+8Pk2C5ZQZdl4vbClSIa5syHqAuufaWiRQy7
1jrlz8aWq/vx2IJE/OUw6kY6GVsp5/PJSjHS6bHpNM5r938IJeP7sbOvI3aSfqdh
QMATUhMEmmfMIJ5Qo9bgSfowcEPe1LPbg0zr2RbXJmd04vi3+m1AKSd3wG9PpNuh
fwQZGBES4HFdQeNwymfe4YPL7poxQsHqaffSauTxV0dMM3jfnL0O1kzYwYr7TvLN
a7hClcikUnOFHEO0JZm3uKvgFOsNrpPZHQ541BvHwumu9ATO9U8QvCVidZ4O8Ewh
xqXYS0Ugc3M5/jwJwlXKY8rZESM05ea2XdS3OzREQs6sHjnhBZqHB7yIOut3ENjI
sd0V+m2X/AJnxYDCkmfaXAWYdjzmNzWBrQ/2jGsLtvOz25o0BCr2s0Tds16s6ijy
PrnY+RljHd2xz+8VKIjmIRZAfSUj5bPA+5rlWNE17EqNVkE0Drq3ESFyOkOhIxv5
zWLNTJT9GLn8BOz8dt9iH1SXceiBQAAEjKohtihokF8WNFckXcYP8PIZxgT2gNSZ
9vldNzC7tT4/UviFMUJVE7fUQgYf0XgVPcDVvmvfs7xbJVG+cmdckL4qfZsV6xY+
bIyK4Y5fB0J4bQzIva6W96Nne0Lytf++y+sqgY4llpcFibKgYN7M3KfsM5A7k+wc
uKoGy5+2/dZrcF8rS87MPdeeIRKpYFKpxz1/VvugprAXfjDV2eKSULG1fEpsfVOx
u1FE7EIwDnYmue7MpA9OYvLOJXQrHbdnwlvjyRDmR2Pmll6rjEGX/yn9yBltVCal
7NCZHfwlQm4h16bUmWvUSBdTF80pCy6eOaBz77K/2v1V9vWzi1ZAyKy/aVhPtMS4
Jyh3Eg2fh5WHVlH6zkju7Oqz+vfLQS1XVoz5dabbnCgHzWk6MccVyE3D4G+0ti/R
6waRrBhIPazitKQTi7wnK6eZ1CVBCkbRkxu4EcBfq7R4TfV6ijVRK5T/LsYG3TzU
tSx6Z2VAdPDIl78usVOqirrw/Q68s6w3xLm/WxV0a3f80afGHj0p1Pxx9IIb+4fB
B13tAJ8RTCtwXSFf09hFnSKYJc9iS2opUHFm79TUpDR220VznMdjZiLAbYb+lGDm
GNhshIBbaMrBi5oguZ2c9aP+FKUXooYQzpFfSPduU1oO0WoesJDbxbPrzyX6VFy2
d//WWCsGo3l7nF7gAsHJeR0gTaBhnuciR6VLOKuE7rQdoRFovtT/+u0/jUuztss0
P/cH0wZm2jye5y3A8yIsGIyoxJjwAEhCdgBK0ChHarpQ4owwgFWb2gif6T2wTi+j
8ng7r/LnqJZkWHwuttLXX7fpQLmOj6ybG3ytFf3t8A3MQJp2pTY/el7bf0xYz0x+
ll8BSHvGqTRZe3fImzcY03deOrKSPlWUQ0haiT3bcz6EJnWuul6/sCMmxIZbZaEc
qV/orXMaEm/nMd5+e7AVhDo9Q5nBVtTT+BZSABb8YEHY62g26FtEo8cvnFTNfOR7
gSfyBkS1YAttqdQ8UvB4TkjE3cmepy0bo1Uu0h+1XfQqTducPV6AmFu2snbnyys9
8KJgkV0qc+biK8ROPUQBKjE2Mi6jO3wLYVIr8PA2Gl/mv1TjdDOecFnsyyAcjNkX
Ol02fKSMl8nYVKnVKnTffLM6fYs2bKJwjEoYOkLDFmpO+fCnq1IFwg/CBkn7AL0s
chBVisDNUV9MGbDZVIiYUSEtaY7cgyAJqBfRbMtlvC2mQFzMI2L/+J/4ZUGRqJ8K
LsiJ+aCvwgHoOTpuxC7sH3LiAoDejOa8qMRWKqklO1LtNfvTV/APAACjhQ1N484R
/uzmLnKY6QPCFnK1zmo6NwvcSy/8vD3YZMxV3T54kqooMraJrVB62YJe/KsCTCbb
7bUkeNiqxT9jbUf9Lu4Wy91i9XRh9Kakxfl1/oM5E/cuzX+r7hz6AUSLgZ0ibgdJ
wXDCCcdxw6Ne+zw1ME5XfZ+3DhGvFb4LXZuTd5lGzNn01+5sTPMXEDbSaVUcuLc0
qxGNS/Eqs4qAy7FJK9sTMjPvfiPNSp40DOKfKO3dEyGawp3yKOlTNU+fLJT8qsPX
KjUghx2VTtZGOZVijB/VGdx0ecfqWK+FNR7ppU2+370PmDmCdWjlDF2S8CdROMCf
K90VEdvyXKi5NMxM6yRHgRgJTDhCqdKgWQE+NQ/pYqDYt8m2dJAupYKXrnddv5nz
0D9kxRylYi53LigGdDwwAq/R4fjOzZ1trstB4heMx9uMK9YsntOtMzTbOWpYxkqC
klAk7q70TPn8jj8JFYa5UhhDso2EwsfJJXQMReVk3Fs0Kg8hWJLsYyVwJjgAnSNH
1Cu9PvsC1diytKY63+pCJyzxql4ITqgHuVaC8lF/UsxSeTNqQSShviPmSV0V1a8h
W9iTH3oWwLkFp/yczJwLIfkCqMnYpBXE1RmnZfwOu38uWLizo4nVKIbN0Ak7dKX5
4knFkMeqig76Sz059sj1J4V3RwdEaa2do9wzD7893V80NfNWulEqMYG/ZWo8ibXf
gw4EAEyfIC1EldSoWbolhg/wrqqRN2yAij7UjHXDDFbGROyArc746HmkDIvS/RyA
4kGN/8Q5rYZnhoMh3lz1C5HfI0adSmZpjPjeKez1Pknk5lcmkmeoQ/e1Lq2w8Vz6
PqdqbgdHgUE64N5suxrbczMYtXv4sa+sEbs008UoUFHWp1mMVvLqgHkxcMA6qgvo
JM6SPC8yo+di9OGCh92BKo13hbNK0dcs+5Eoq2ahz8e2LM5v4EPHjzqNpEoXTbHw
YepbkgUClp0o8rrxbKQWGpG/x9Yjx8x3TJG2goAxQhjAMmovsbk+U/SuekthWU06
pVC5piI6oho/Tcz4EQsUQMW1lctUVoRuvRZEu7+OTaOUhyv3yXW12gOWM8oVusgh
LE2NaYGiiCun0FI3oJsmmzWn+6xJvYaQM9yFwEhzUFwBDw0BxmCKun8dJ212rvGd
AUVseiVNsR9f3hmHuAT0W+B3XMDq9mAX7rNBts83XfcKrspL5ovKJ2/Um2aOnJwY
rxE=
-----END ENCRYPTED PRIVATE KEY-----
</key>

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server".  This is an
# important precaution to protect against
# a potential attack discussed here:
#  http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server".  The build-key-server
# script in the easy-rsa folder will do this.
#
# Note!
# The option "ns-cert-type" has been deprecated since 
# version 2.4 and will be removed from later distributions.
#
# Use the modern equivalent "remote-cert-tls"
# 
;ns-cert-type server
remote-cert-tls server

# If a tls-auth key is used on the server
# then every client must also have the key.
#
# Don't forget to set the 'key-direction' Parameter if using
# Inline Key. Usualy , sever has key direction '0', while client
# has ke direction '1'.
#
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
aea26f8f0a99ff84f7a6a6f426bef710
2998c49555c2770d954b9251a74b6e30
3859a0a8c086f3509c440c50bf3230e3
d5bc2b247119a4fdb59aefdd2376475d
f060a24165022d981ddee0704d580587
752e520d930b24580ae5ccbef266c471
6ef8dfdd6ba9de23e63823841086a151
90e146c1d085b274d3403de9bd827935
cd18fd2cb4005f3c133802ccc0c2f885
decd3b5fd4d6dd53dc478c59f3a84dc5
e9a3d51e805811af39647a9904605b99
2dbf311089315fcbafa70b89e2d49b1b
d425b598f7551a2cb21ef9315a97e36b
2152699cf9ec5fa90df659495575a935
bceb34f91889eda617d2c6b26573c6c1
ce620dd47a0b08e6da791cf979ed8c44
-----END OpenVPN Static key V1-----
</tls-auth>

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher DES-EDE3-CBC  # Triple-DES
cipher AES-256-CBC

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
;comp-lzo

# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 1

# Setting 'pull' on the client takes care to get the 'push' durectives
# from the server
pull