tls-client
dev tap
proto udp
port 12345
#change above to proto tcp and port 443 to get through corporate firewalls, 
#you must change server settings as well.
resolv-retry infinite
nobind
cipher AES-256-CBC
#cipher BF-CBC
#keysize 448
auth RSA-SHA256
persist-key
persist-tun
auth-nocache
ping 10
ping-restart 60
ping-timer-rem
reneg-sec 10800
explicit-exit-notify 1
ca yourca.crt
cert yourclient1.crt
key yourclient1.key
ns-cert-type server
tls-auth yourta.key 1
comp-lzo
verb 3
#***uncomment the next 2 entries to route all IP packets over the VPN***
#route-gateway 192.168.1.1
#redirect-gateway
#remote 192.168.1.1
remote yourdns.somedns.com