max-clients = 16
max-same-clients = 16
tcp-port = 443
udp-port = 443
keepalive = 32400
dpd = 90
mobile-dpd = 1800
try-mtu-discovery = false
auth = "plain[/etc/ocpasswd]"

server-cert = /etc/server-cert.pem
server-key = /etc/server-key.pem

tls-priorities = "NORMAL:%SERVER_PRECEDENCE:%COMPAT"

auth-timeout = 4000
cookie-timeout = 300
deny-roaming = false
rekey-time = 172800


use-utmp = true
use-occtl = true

pid-file = /var/run/ocserv.pid
socket-file = /var/run/ocserv-socket
output-buffer = 10
run-as-user = root
run-as-group = root
cgroup = "cpuset,cpu:test"
device = vpn
cisco-client-compat = true
predictable-ips = true
net-priority = 6
default-domain = example.com
mtu = 1420
# The pool of addresses that leases will be given from.
ipv4-network = 192.168.2.0
ipv4-netmask = 255.255.255.0

dns = 8.8.8.8

ping-leases = false

#route-add-cmd = "ip route add %{R} dev %{D}"
#route-del-cmd = "ip route delete %{R} dev %{D}"

#route = 192.168.2.170/255.255.255.0
#route = 192.168.5.0/255.255.255.0