####################
#
# SUPER IMPORTANT!!!
#
# Anywhere you see 192.168.2.0, you should replace that with your server's address
#
#####################

local 192.168.2.0
dev tun
#Some people prefer to use tcp. Don't change it if you don't know.
proto udp
port 1194

#
# Key Settings
#
# IMPORTANT
# 
# you need to replace Server.crt, Server.key, dh1024.pem, etc with your crt, key, and dh*.pem, etc.
# Check with `ls /etc/openvpn/easy-rsa/keys/`
#
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/Server.crt
key /etc/openvpn/easy-rsa/keys/Server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem

#
# Network Settings
#
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0"
# your local subnet
push "route 192.168.2.0 255.255.255.0"
# Set primary domain name server
# You can use Google DNS (8.8.8.8)
# Or you can use the address of your SOHO Router (i.e. 192.168.1.1, 192.168.0.1, 10.0.0.1)
push "dhcp-option DNS 8.8.8.8"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"

#
# Other options that you probably don't need to change
#
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
log /var/log/openvpn.log
verb 1