This is an old revision of the document!
On the EdgeRouter, make changes where appropriate…
set interfaces openvpn vtun0 firewall in name OpenVPN-Mobile set interfaces openvpn vtun0 local-host xx.xx.xx.xx set interfaces openvpn vtun0 local-port xxxxx set interfaces openvpn vtun0 mode server set interfaces openvpn vtun0 openvpn-option --mssfix set interfaces openvpn vtun0 openvpn-option '--cipher AES-128-CBC' set interfaces openvpn vtun0 openvpn-option '--auth SHA256' set interfaces openvpn vtun0 openvpn-option --float set interfaces openvpn vtun0 openvpn-option --duplicate-cn set interfaces openvpn vtun0 openvpn-option '--fragment 1400' set interfaces openvpn vtun0 protocol udp set interfaces openvpn vtun0 server max-connections 10 set interfaces openvpn vtun0 server push-route 10.10.10.0/24 set interfaces openvpn vtun0 server subnet 10.10.10.0/24 set interfaces openvpn vtun0 tls ca-cert-file /config/auth/openvpn/ca.crt set interfaces openvpn vtun0 tls cert-file /config/auth/openvpn/server.crt set interfaces openvpn vtun0 tls dh-file /config/auth/openvpn/dh.pem set interfaces openvpn vtun0 tls key-file /config/auth/openvpn/server.key
Example client config file…
client tls-client remote remote.hostname.here port xxxx proto udp dev tun pull cipher AES-128-CBC auth SHA256 fragment 1400 mssfix float <ca> ca certificate file contents here </ca> <cert> pem certificate file contents here </cert> <key> pem key file contents here </key>