nbrownus/openvpn server side

## openvpn server side
port <PICK A PORT>
proto udp
dev tun

ca ca.bundle.crt
cert server.crt
key private/server.key

dh dh2048.pem

server 172.16.0.0 255.255.0.0
topology subnet

ifconfig-pool-persist ipp.txt

push "route 10.0.0.0 255.255.0.0"

keepalive 10 120

tls-version-min 1.0
auth SHA256
tls-cipher TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
cipher AES-256-CBC
#You should really have 1 cert per device, if not enable this
#duplicate-cn

comp-lzo

user nobody
group nogroup

persist-key
persist-tun

status /var/log/openvpn-status.log

verb 3

# Require re-auth every 24 hours
reneg-sec 86400
	port <PICK A PORT>
	proto udp
	dev tun

	ca ca.bundle.crt
	cert server.crt
	key private/server.key

	dh dh2048.pem

	server 172.16.0.0 255.255.0.0
	topology subnet

	ifconfig-pool-persist ipp.txt

	push "route 10.0.0.0 255.255.0.0"

	keepalive 10 120

	tls-version-min 1.0
	auth SHA256
	tls-cipher TLS-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-256-CBC-SHA
	cipher AES-256-CBC
	#You should really have 1 cert per device, if not enable this
	#duplicate-cn

	comp-lzo

	user nobody
	group nogroup

	persist-key
	persist-tun

	status /var/log/openvpn-status.log

	verb 3

	# Require re-auth every 24 hours
	reneg-sec 86400