@luginbash
Last active August 29, 2015 14:07
OpenConnect Server Configuration
# ocserv (OpenConnect VPN server) configuration: certificate-only client
# authentication, TLS on tcp/443 with DTLS on udp/443, one IPv4 client pool.
# Values in <angle brackets> are placeholders and must be replaced before use.

# Clients authenticate with X.509 certificates only; no password method is
# configured in this file.
# NOTE(review): no `crl` option is set, so a lost or stolen client certificate
# stays usable until it expires. Add a CRL path if the CA publishes one.
# NOTE(review): no `cert-user-oid` is set; confirm how the server maps a
# certificate to a user name, since per-user limits and logs depend on it.
auth = "certificate"
# CA certificate used to verify client certificates.
ca-cert = /etc/ocserv/ca.pem
# Server certificate and its private key. The key file should be readable only
# by the account that starts ocserv, not by run-as-user below.
server-cert = /etc/ocserv/sfo3.pem
server-key = /etc/ocserv/sfo3.key
# Diffie-Hellman parameters file.
dh-params = /etc/ocserv/dh.pem
# GnuTLS priority string: NORMAL with server cipher preference, minus SSL 3.0
# and export-grade suites.
# NOTE(review): `%NORMAL` is not a GnuTLS special keyword I can confirm; the
# ocserv sample configuration uses `%COMPAT` in this position. Validate the
# string with `gnutls-cli --priority "<string>" -l` before deploying.
# NOTE(review): nothing here disables TLS 1.0/1.1; consider adding
# -VERS-TLS1.0:-VERS-TLS1.1 if every client supports TLS 1.2 or later.
tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%NORMAL:-VERS-SSL3.0:-EXPORT"
# Try to hand the same address to the same client across sessions.
predictable-ips = true
# Enables compression negotiation with clients.
# NOTE(review): compressing tunnel traffic before encryption can leak plaintext
# through packet-length side channels when attacker-influenced and secret data
# share a stream. Leave this off unless the bandwidth saving is required.
compression = true
# Upper bound on simultaneously connected clients.
max-clients = 16
# Upper bound on simultaneous sessions for one identity.
# NOTE(review): with certificate auth, a copied certificate and key can be used
# in parallel up to this limit; lower it if users have a single device.
max-same-clients = 5
# Addresses the server binds to (placeholders).
# NOTE(review): listen-host appears three times; confirm the ocserv version in
# use honours more than one entry, otherwise only one of them takes effect.
listen-host = <IPv6 Address>
listen-host = <IPv6 Address>
listen-host = <DNS Name>
# TLS (TCP) and DTLS (UDP) listeners, both on 443.
tcp-port = 443
udp-port = 443
# Keepalive interval in seconds (32400 s = 9 h).
keepalive = 32400
# Dead-peer-detection intervals in seconds, for regular and mobile clients.
dpd = 90
mobile-dpd = 300
try-mtu-discovery = true
# Seconds a client may stay connected before completing authentication.
auth-timeout = 40
# Record sessions in utmp, which gives an audit trail of who was connected.
use-utmp = true
pid-file = /var/run/ocserv.pid
socket-file = /var/run/ocserv-socket
# Unprivileged account the server drops to.
# NOTE(review): nobody/nogroup is commonly shared with other daemons; a
# dedicated account for ocserv gives better isolation between services.
run-as-user = nobody
run-as-group = nogroup
# Name used for the tunnel network device.
device = vpns
# Address pool handed to clients: 172.17.0.0/24.
ipv4-network = 172.17.0.0
ipv4-netmask = 255.255.255.0
# Resolvers pushed to clients. These are public resolvers, so client DNS
# queries leave the VPN server for a third party.
dns = 8.8.8.8
dns = 8.8.4.4
# Output buffer size; see the ocserv documentation for the unit.
output-buffer = 10
# XML profile served to AnyConnect-compatible clients.
user-profile = /etc/ocserv/profile.xml
# Compatibility mode for legacy Cisco AnyConnect clients.
cisco-client-compat = true
# Extra HTTP headers sent to clients: fixed DTLS/CSTP MTU of 1360, and a
# split-exclude for 192.168.0.0/16.
# NOTE(review): traffic to the excluded range stays off the tunnel, so it is
# not protected by the VPN and depends on the client's local network.
custom-header = "X-DTLS-MTU: 1360"
custom-header = "X-CSTP-MTU: 1360"
custom-header = "X-CSTP-Split-Exclude: 192.168.0.0/255.255.0.0"