##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server.     #
#                                            #
# This configuration can be used by multiple #
# clients, however each client should have   #
# its own cert and key files.                #
#                                            #
# On Windows, you might want to rename this  #
# file so it has a .ovpn extension           #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one.  On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server?  Use the same setting as
# on the server.
proto tcp
;proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
# remote xx.xx.xx.xx 443

#remote 10.77.78.123 443
remote vpn.snru.ac.th 443

# Choose a random host from the remote
# list for load-balancing.  Otherwise
# try hosts in the order specified.
remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server.  Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry 60

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nogroup
auth-user-pass
auth-nocache
# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here.  See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets.  Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description.  It's best to use
# a separate .crt/.key file pair
# for each client.  A single ca
# file can be used for all clients.
#ca [inline]
#cert [inline]
#key [inline]

# Verify server certificate by checking that the
# certicate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
#  http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the keyUsage set to
#   digitalSignature, keyEncipherment
# and the extendedKeyUsage to
#   serverAuth
# EasyRSA can do this for you.
remote-cert-tls server

# If a tls-auth key is used on the server
# then every client must also have the key.
#tls-auth ta.key 1
#tls-auth [inline]
key-direction 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
# See also the ncp-cipher option in the manpage
cipher AES-256-CBC

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
#comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20
<ca>
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIUVUjnPmEqydIDr8570m4TBM7vQR8wDQYJKoZIhvcNAQEL
BQAwgZIxCzAJBgNVBAYTAlRIMQwwCgYDVQQIEwNTTk8xDjAMBgNVBAcTBU1VQU5H
MQ0wCwYDVQQKEwRTTlJVMQ8wDQYDVQQLEwZTTlJVT1UxEDAOBgNVBAMTB1NOUlUg
Q0ExEDAOBgNVBCkTB0Vhc3lSU0ExITAfBgkqhkiG9w0BCQEWEm5ldHdvcmtAc25y
dS5hYy50aDAeFw0yMDA2MDExNTE1MjdaFw0zMDA1MzAxNTE1MjdaMIGSMQswCQYD
VQQGEwJUSDEMMAoGA1UECBMDU05PMQ4wDAYDVQQHEwVNVUFORzENMAsGA1UEChME
U05SVTEPMA0GA1UECxMGU05SVU9VMRAwDgYDVQQDEwdTTlJVIENBMRAwDgYDVQQp
EwdFYXN5UlNBMSEwHwYJKoZIhvcNAQkBFhJuZXR3b3JrQHNucnUuYWMudGgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2hMzDL7kRWfhVVzW5Aurv9ab
OnrHOi6s8P2DbhFjlGvoNEBA8Dpu/UUJxJLEUF5xckWnVJ+kW91t2MhG8tLwFkwQ
umIvwFX/3Wn3lF7UNqDohEdtWmw1tP/PmM8+pU+9a1CpkjvP8/8ic9ajTccI97sY
G/Q0LIvQv1M4QLQJT0ZTb/eJMPLmR8QS2zSCEnBwmfwkCot4Xt5oEyZFWr4MD9dL
LGXo4em2toXu4sLc60qCyZM17FqouPQGEvB6UBOHbnU2a5m60AT15L3ERCfL/dcM
QViqi5iFRocWCNooDrNvUxlFORwI6GQUQ7wfeAny99btbj8/J2KrWRnnfFNNAgMB
AAGjggEGMIIBAjAdBgNVHQ4EFgQUy2kr+9d1+fwbC8f9gJFqr1Qfeu0wgdIGA1Ud
IwSByjCBx4AUy2kr+9d1+fwbC8f9gJFqr1Qfeu2hgZikgZUwgZIxCzAJBgNVBAYT
AlRIMQwwCgYDVQQIEwNTTk8xDjAMBgNVBAcTBU1VQU5HMQ0wCwYDVQQKEwRTTlJV
MQ8wDQYDVQQLEwZTTlJVT1UxEDAOBgNVBAMTB1NOUlUgQ0ExEDAOBgNVBCkTB0Vh
c3lSU0ExITAfBgkqhkiG9w0BCQEWEm5ldHdvcmtAc25ydS5hYy50aIIUVUjnPmEq
ydIDr8570m4TBM7vQR8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEA
Slyax+ACBl4Y0S63/XmKZmBTvaQqIc/2Tkksqo+9FEl+kCdHAEhe2mFkbCm7M4vx
iU8oa9QwiMk+61eF1wq+xhSWSb143dmvR0ahS+xrkM6brwnH9U/v1nBjuhvtzQL+
WftuOBml9g8k84pULPUdxW45LL4KAFvEkEZfd86ans4MWvp0sR/55FZSui3XaHna
qzzxaIgC7aqZSu4hDMhYkpW2CrT9Bibb5lRMZwkIoyhfW6ge8PkuHNwH48yeMAkv
l7F4M1J6Wa2E0aenIwRP0MtV4BnS4ZUpI3zJIHMs+FaS8A5sE8bL/KWo+ZIp7oLl
JjddarliG4Io9kcBjMKNZQ==
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCVEgx
DDAKBgNVBAgTA1NOTzEOMAwGA1UEBxMFTVVBTkcxDTALBgNVBAoTBFNOUlUxDzAN
BgNVBAsTBlNOUlVPVTEQMA4GA1UEAxMHU05SVSBDQTEQMA4GA1UEKRMHRWFzeVJT
QTEhMB8GCSqGSIb3DQEJARYSbmV0d29ya0BzbnJ1LmFjLnRoMB4XDTIwMDYwMTE1
MzE0NVoXDTMwMDUzMDE1MzE0NVowgZExCzAJBgNVBAYTAlRIMQwwCgYDVQQIEwNT
Tk8xDjAMBgNVBAcTBU1VQU5HMQ0wCwYDVQQKEwRTTlJVMQ8wDQYDVQQLEwZTTlJV
T1UxDzANBgNVBAMTBmNsaWVudDEQMA4GA1UEKRMHRWFzeVJTQTEhMB8GCSqGSIb3
DQEJARYSbmV0d29ya0BzbnJ1LmFjLnRoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAtSmniF9V5/4Y1nx1O4eETkY9GU0c0hP5omSEK0xnGITWTxnqkdDP
ZQ5knxX/i7uP7l/tVDR4xVtx7mFG7lRw6CksaUZ/TsvlngiX0/xJCgJ32sNHuqwk
jCSPcBb3wVY7aQlmareffyqRGe7g1QFG1lMWa9F3qPMXqHyCxFCzoPMtJoS+IPU+
rzUMr/MEJS6+NuYHnA0iK7cTqMO7F0eZWe/gz+YdP+UO2mJUYu6sWomF/BjPc+r5
KGOeBNzLV7iXu/1YVRockJzVaBOCt5Z5441rRmv+4tAmleXJVib7lqvvTU3+8FVS
oHpni6+Gao3yvPz739nMfS2Ndse/WOVS0wIDAQABo4IBZzCCAWMwCQYDVR0TBAIw
ADAtBglghkgBhvhCAQ0EIBYeRWFzeS1SU0EgR2VuZXJhdGVkIENlcnRpZmljYXRl
MB0GA1UdDgQWBBSZ2prd1kJ2t2X0sOpvB1zlnjQr0jCB0gYDVR0jBIHKMIHHgBTL
aSv713X5/BsLx/2AkWqvVB967aGBmKSBlTCBkjELMAkGA1UEBhMCVEgxDDAKBgNV
BAgTA1NOTzEOMAwGA1UEBxMFTVVBTkcxDTALBgNVBAoTBFNOUlUxDzANBgNVBAsT
BlNOUlVPVTEQMA4GA1UEAxMHU05SVSBDQTEQMA4GA1UEKRMHRWFzeVJTQTEhMB8G
CSqGSIb3DQEJARYSbmV0d29ya0BzbnJ1LmFjLnRoghRVSOc+YSrJ0gOvznvSbhME
zu9BHzATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwEQYDVR0RBAow
CIIGY2xpZW50MA0GCSqGSIb3DQEBCwUAA4IBAQBn9i3mjxmygHT44R16JseA9o/y
MSMjkldkVdgB4fEq4nZtJm3d21L59IXVngJYUSJnfFOWbTmdj7Y9OitTviErmMJp
RpdV7QN+p4kFeZ8whLEdYY2RwsKgEcqpOcNt37Gpmj8UwmDOVkpLM1SKNRSdE5qc
5rYPykmigMBHxkTpFAkIh45eyEI37rTPL2JmtAyZiBzFbztPkLzu1ziPL3dvu3Yo
8nv0FRTai3HP7odqHTbuxuAl/UNduFEVQm4fbaOeHIqsa4yJ5w4e7DCSQXDHVYZD
TPIayA9QZA7myCLvaZ/vK1TfzGhV3cAS1za0nU9JVQe8YkoEBO3DlriPc0Pd
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1KaeIX1Xn/hjW
fHU7h4RORj0ZTRzSE/miZIQrTGcYhNZPGeqR0M9lDmSfFf+Lu4/uX+1UNHjFW3Hu
YUbuVHDoKSxpRn9Oy+WeCJfT/EkKAnfaw0e6rCSMJI9wFvfBVjtpCWZqt59/KpEZ
7uDVAUbWUxZr0Xeo8xeofILEULOg8y0mhL4g9T6vNQyv8wQlLr425gecDSIrtxOo
w7sXR5lZ7+DP5h0/5Q7aYlRi7qxaiYX8GM9z6vkoY54E3MtXuJe7/VhVGhyQnNVo
E4K3lnnjjWtGa/7i0CaV5clWJvuWq+9NTf7wVVKgemeLr4ZqjfK8/Pvf2cx9LY12
x79Y5VLTAgMBAAECggEAMMGjKxqtXiCOwrsAOiNAwmg47WRJi2iA2OnAgH6xiHHH
08Yf0VqnVoVHI2GiQxMZq4f5sZ3lmwf/Y66ejmn/cRwTrcmhXa2WgK/DXPQbHCyJ
4UCJP34w396/E+W6jDgPCTfUbog4ztq/7oDR1cHgNLJr6FyZnci+50OLVhZ6Iaic
ds7lM575KBHf/holNxT0lyFHkY/g6Zsv0QQ1VAXyhEHA+sg/m6e50ONBHODmRQFc
TRauV+65RQQXRwxI1TQcOteo+px4vLvrH7Kqrk5XujKgzjs9CtymT+m4xLAb3rKI
HvPseQxBrDL+cNVbVzdLrnvDmk1YS6GNXjhV/w2VgQKBgQDqunBpNZFmmN1ZqydM
UGUU8Skpoc8b38daYl+kZ90oxevs3OEn4myAG1BK7E91Dse/+HL+vnyMaQXKMgRW
CiUhVOiBPLBRl/y65MZ4ksi+bSMaqP5aBhf/aIuCMGuorPvWXIUdWTf95tCFPGf1
PpRuOp23pVaQO/5C4omzR5aicwKBgQDFlIZpm+/sTghkq/8UNdOfZs2E6BuPqmwA
gd6VL9jiZRoVYc1ki26qqaHQVXi1OMcf7+xcs/bl6keO+ywPrr+1swzF4K/gYGRO
thMJJIcMTGCTbOvl+JdGqiUAUANdJepnPLjO0u5hwJd4iIazciBuc3Ws0PszTL18
c/AwtcmWIQKBgCAG3DuesX4cMWeAsNX6yi/3T7R8fXPCLsMoVQBro4NirfQdlyMI
A+He2C/A2n6QS7Tnw1j6yKen1MBn3quWqsZHfYnUrAIWCMe/W00sSfOhlH6YvEuw
NSoGK7LRxH65S4tOCGOevsMH8T+cpFqT9VCs8sQR7SO069ZYbo1loSn9AoGBAL65
e/KwS67BOMrtWQMKXqkN1LBKWmiZaz4mH1XF5UfNrpsbWOiIzCBENWZlS2ssTtOe
h3yJYHlaaQ81mLfeyUK9f0P4e+5NPibZDZESyKZvh/5n82OAT48wKR2fH1AojJhx
fjhwVxrXjaAVsmnAblwQanSTGxnPJ07en+p1YQ3hAoGAc3c4zuyMEaWtDWgcrnOY
kZWuKKLFZYKvfNVx8r/TO9RvMYXXQ/qy+wQd7vFTXjbNIlR4+sJkD18Ti4GxVums
Zrrw05ux2Fe5x1t54r2c7SaZVhH42WfpcAwem/V2DLGauWZO0IhqzdpyoSqfcU42
YKFDXzcs/Weo0+imJQQLoRs=
-----END PRIVATE KEY-----
</key>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
db49bd04ffca4e7945fd12d0d3e8de05
cde2872acde26847c80eddf1278cb4b1
553f3a7d83ac870046b5527808b0eee5
a14fd648dd4bf9338bcd030ed1af9f3e
77942f5a025c66735a742efb6333d5aa
b9a54093d6480635f2825b7b10ebe11d
aaef1053f1ec7de43546c89fbc2a39f8
15f4788fa654218666546c43bc9bfae3
b4bc2b8f7e5d7483218d83eb24be231f
c3d978e94fe77202ee741a05662575f7
4c439c419f068ed6990234bf210d1e5c
9b0baadd19d22ab789eb3d6280415ee0
fa42fa90bc2b548684ebe7dad8dddd1b
88b7d07eeb5de56a425098c585dc5d91
5a2e3f557bd99f12a70bcc18a499905a
a9b8c668b795f97b1d0ec01c8b45ad5a
-----END OpenVPN Static key V1-----
</tls-auth>