Thanks for that Nick, good to know. I can see from the conf file exactly what is pushed by default now (just ClearOS LAN subnet and domain and, apparently, DNS and WINS requests). And also answered where the default 10.8.0.* OpenVPN IPs are coming from. And I did do some testing today tailing log files while VPN'd in and verified traffic between ios and internet locations did not go through OpenVPN, only traffic destined for or behind ClearOS.