17.2.3. OpenVPN Export

Once an OpenVPN server is created and saved it’s possible to export OpenVPN client configs. Besides the default export, it’s also possible to export the config in an inline format. This functionality can be found at the bottom of the page when when an OpenVPN server is edited. Several configurations are available:

Host allows the setup of multiple hosts with their hostname or IP address and port.

Advanced Options shows more specific configurations.

Verify Server CN will optionally verify the server certificate Common Name (CN) when the client connects.

Block Outside DNS will block access to DNS servers except across OpenVPN while connected, forcing clients to use only VPN DNS servers.

Legacy Client will not include OpenVPN 2.4 settings in the client configuration.

Use Random Local Port enables the usage of a random local source port (lport) for traffic from the client. Without this set, two clients may not run concurrently.

P12 Password a password to encrypt the config in the P12 format.

Custom Options is for custom configuration parameters for the config.

If the authentication mode is Certificate it’s possible to export the client config for each certificate. This functionality can be found below the default export. Those exports are available either in the Inline or P12 format. For each certificate an OpenVPN Override can be configured.