;local a.b.c.d
port 1194

;proto tcp
proto udp4

;dev tap
dev tun

dev-node OpenVPNTAP

ca ca.crt
cert server_1.crt
key server_1.key  # This file should be kept secret

dh dh2048.pem

data-ciphers AES-256-CBC

topology subnet

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

# To assign specific IP addresses to specific
# clients or if a connecting client has a private
# subnet behind it that should also have VPN access,
# use the subdirectory "ccd" for client-specific
# configuration files (see man page for more info).

# EXAMPLE: Suppose the client
# having the certificate common name "Thelonious"
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248

keepalive 10 120

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status openvpn-status.log


# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3


# Notify the client that when the server restarts so it
# can automatically reconnect.
explicit-exit-notify 1


# 追加: クライアントに 192.168.250.0/24 のルートをプッシュ
push "route 192.168.250.0 255.255.255.0"

# 追加: サーバーが 192.168.250.0/24 へのルートを認識
route 192.168.250.0 255.255.255.0