Personal OpenVPN Notes

The hardest part for me was generating the keys.  I 
made the mistake of choosing a CN for the server 
certificate and re-using it for the CN of the server 
private key.

* Never use the same CN (ie. hostname) for anything
when asked for the common name.  It should always 
be unique.

* If you're running a mail server, allow the tunnel
network to send and receive mail.

* Enable the password on the key for laptop users.  
It's another layer of protection if the laptop is 
lost or stolen.

* Use full path for certificates.  
ie. c:\\program files\\openvpn\\config\\ca.crt
The reason for this is because some users like to 
drag the icon over to their destop, right click
and run.  It will only work if they have the 
full path in the config file.