Openvpn, server FreeBSD, clients Ubuntu and Windows XP

cd /usr/ports/security/openvpn
make install

openvpn_enable="YES"

cd /usr/local/etc/
mkdir openvpn
cd openvpn
touch openvpn.conf

dev tun
server 10.1.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
tls-server
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
proto tcp
port 5000
comp-lzo
keepalive 10 120
verb 4

cp -r /usr/local/share/doc/openvpn/easy-rsa /home/myuser/
cd /home/myuser/easy-rsa

export KEY_COUNTRY=NO
export KEY_PROVINCE=TH
export KEY_CITY=Trondheim
export KEY_ORG="khmel.org"
export KEY_EMAIL="test@khmel.org"

sh
. vars
./clean-all
./build-ca

Organizational Unit Name (eg, section) []: office
Common Name (eg, your name or your server's hostname) []: server

./build-key-server server

Organizational Unit Name (eg, section) []: office
Common Name (eg, your name or your server's hostname) []: server
A challenge password []:
An optional company name []: na
Sign the certificate? [y/n]: y
1 out of 1 certificate requests certified, commit? [y/n]
: y
# you should see
Write out database with 1 new entries
Data Base Updated

./build-key client

Organizational Unit Name (eg, section) []:client
Common Name (eg, your name or your server's hostname) []:client

./build-dh
exit

cp -r keys/* /usr/local/etc/openvpn/

ca.crt
server.crt
server.key
dh1024.pem

dev tun
client
remote 88.111.222.77 5000
tls-client
ca ca.crt
cert client.crt
key client.key
proto tcp-client
comp-lzo
verb 4

ca.crt
client.crt
client.key

openvpn --config /etc/openvpn/openvpn.ovpn

dev tun
client
remote 88.111.222.77 5000
tls-client
ca /etc/openvpn/ca.crt
cert /etc/openvpn/client.crt
key /etc/openvpn/client.key
proto tcp-client
comp-lzo
verb 4