When using tls-auth, you need to do one of the following:

#1) In both the client and server, use "tls-auth <file>"
#2) At one of the endpoints, use "tls-auth <file> 0", and at the other endpoint, use "tls-auth <file> 1". Traditionally, the server is 0 and the client is 1, but this is arbitrary.

You can't make one bi-directional, and the other directional. #2 is a bit more secure.

Getting DNS to work through VPN is painful if the client isn't Windoze. You need to add

Code:
push "dhcp-option DNS <your router's IP>"
push "dhcp-option DOMAIN <your home domain>"

to your server's configuration, and you also need some magic configurations in your client. Searching "OpenVPN linux DNS" should give you the information you need.
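The tls-auth pairing rule from the post above, as an added example that is not part of the original post: a Python check that reads a server config and a client config and reports whether their direction settings are compatible. The key file name ta.key, the sample configs and the function names are constructed for illustration; the check also accepts OpenVPN's separate key-direction directive.

```python
import shlex

def tls_auth_direction(config_text):
    """Return None if tls-auth is absent, 'bidir' if no direction is set, else the direction string."""
    present, direction = False, None
    for raw in config_text.splitlines():
        if raw.lstrip().startswith(";"):          # OpenVPN also treats ';' as a comment marker
            continue
        tokens = shlex.split(raw, comments=True)  # strips '#' comments, honours quotes
        if not tokens:
            continue
        if tokens[0] == "tls-auth":
            present = True
            if len(tokens) >= 3:                  # tls-auth <file> <direction>
                direction = tokens[2]
        elif tokens[0] == "key-direction" and len(tokens) >= 2:
            direction = tokens[1]
    if not present:
        return None
    return direction if direction is not None else "bidir"

def check_pair(server_text, client_text):
    """Return (ok, message) for the two allowed setups: both bidirectional, or 0 paired with 1."""
    s, c = tls_auth_direction(server_text), tls_auth_direction(client_text)
    if s is None or c is None:
        return False, "tls-auth missing on at least one side"
    for side, value in (("server", s), ("client", c)):
        if value not in ("bidir", "0", "1"):
            return False, f"{side} has invalid direction {value!r}"
    if s == c == "bidir":
        return True, "both sides bidirectional (option #1)"
    if {s, c} == {"0", "1"}:
        return True, f"directional keys: server={s}, client={c} (option #2)"
    return False, f"mismatch: server={s}, client={c}"

# Constructed sample configs (not taken from any real deployment).
SERVER_OK = "dev tun\ntls-auth ta.key 0  # server side\n"
CLIENT_OK = "dev tun\ntls-auth ta.key\nkey-direction 1\n"
CLIENT_BIDIR = "dev tun\n; tls-auth ta.key 1\ntls-auth ta.key\n"

if __name__ == "__main__":
    for name, client in (("directional client", CLIENT_OK), ("bidirectional client", CLIENT_BIDIR)):
        ok, msg = check_pair(SERVER_OK, client)
        print(f"{name}: {'OK' if ok else 'FAIL'} - {msg}")
```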