OpenVPN client setup.

    * Download OpenVPN 2.0.9 from OpenVPN web site. Download prebuilt Windows installer or source distribution for Linux/Unix and Mac OS X platforms and compile it yourself.
    * Create file C:\Program Files\OpenVPN\config\openvpn.ovpn (/etc/openvpn/openvpn.conf on UNIX platforms) with the following data:

      #--8<---------------------------------------
      ##############################################
      # Sample client-side OpenVPN 2.0 config file #
      # for connecting to multi-client server.     #
      #                                            #
      # This configuration can be used by multiple #
      # clients, however each client should have   #
      # its own cert and key files.                #
      #                                            #
      # On Windows, you might want to rename this  #
      # file so it has a .ovpn extension           #
      ##############################################

      # Specify that we are a client and that we
      # will be pulling certain config file directives
      # from the server.
      client

      # Use the same setting as you are using on
      # the server.
      # On most systems, the VPN will not function
      # unless you partially or fully disable
      # the firewall for the TUN/TAP interface.
      ;dev tap
      dev tun

      # Windows needs the TAP-Win32 adapter name
      # from the Network Connections panel
      # if you have more than one.  On XP SP2,
      # you may need to disable the firewall
      # for the TAP adapter.
      ;dev-node MyTap

      # Are we connecting to a TCP or
      # UDP server?  Use the same setting as
      # on the server.
      proto tcp
      ;proto udp

      # The hostname/IP and port of the server.
      # You can have multiple remote entries
      # to load balance between the servers.
      remote vpn.callwithus.com 443
      ;remote my-server-2 1194

      # Choose a random host from the remote
      # list for load-balancing.  Otherwise
      # try hosts in the order specified.
      ;remote-random

      # Keep trying indefinitely to resolve the
      # host name of the OpenVPN server.  Very useful
      # on machines which are not permanently connected
      # to the internet such as laptops.
      resolv-retry infinite

      # Most clients don't need to bind to
      # a specific local port number.
      nobind

      # Downgrade privileges after initialization (non-Windows only)
      user nobody
      group nobody

      # Try to preserve some state across restarts.
      persist-key
      persist-tun

      # If you are connecting through an
      # HTTP proxy to reach the actual OpenVPN
      # server, put the proxy server/IP and
      # port number here.  See the man page
      # if your proxy server requires
      # authentication.
      ;http-proxy-retry # retry on connection failures
      ;http-proxy [proxy server] [proxy port #]

      # Wireless networks often produce a lot
      # of duplicate packets.  Set this flag
      # to silence duplicate packet warnings.
      ;mute-replay-warnings

      # SSL/TLS parms.
      # See the server config file for more
      # description.  It's best to use
      # a separate .crt/.key file pair
      # for each client.  A single ca
      # file can be used for all clients.
      ca ca.crt
      cert ACCOUNT.crt
      key ACCOUNT.key

      # Verify server certificate by checking
      # that the certicate has the nsCertType
      # field set to "server".  This is an
      # important precaution to protect against
      # a potential attack discussed here:
      #  http://openvpn.net/howto.html#mitm
      #
      # To use this feature, you will need to generate
      # your server certificates with the nsCertType
      # field set to "server".  The build-key-server
      # script in the easy-rsa folder will do this.
      ;ns-cert-type server

      # If a tls-auth key is used on the server
      # then every client must also have the key.
      ;tls-auth ta.key 1

      # Select a cryptographic cipher.
      # If the cipher option is used on the server
      # then you must also specify it here.
      ;cipher x

      # Enable compression on the VPN link.
      # Don't enable this unless it is also
      # enabled in the server config file.
      comp-lzo

      # Set log file verbosity.
      verb 3

      # Silence repeating messages
      ;mute 20
      #--8<---------------------------------------


      In the configuration file replace ACCOUNT in key file names with your 10-digit long account number. Login into your account to request a temporary key files (valid for 2 weeks), or purchase a 1 year key. Put the files to the same directory where openvpn.ovpn file is located.
    * Start OpenVPN client with command "openvpn --config ..\config\openvpn.ovpn". The client will print several lines on the screen, the last line should be "Initialization Sequence Completed". If you get this line, you're 99% done!
    * Check the connection. From another command prompt window run "ping 10.39.0.1", you should get responses from the server.
    * Install Xten softphone, configure it as shown on Configuration page, but in "Domain" field enter "10.39.0.1" instead of "callwithus.com" (without quotes). Enjoy SIP calls worldwide over blocked network:-)
    * The VPN will provide an access to our SIP server only and nothing else, you will not be able to access other SIP providers over our VPN link.