ocserv/ocserv.config.patch

diff --git a/doc/sample.config b/doc/sample.config
index 4c8c8c6..7a4697f 100644
--- a/doc/sample.config
+++ b/doc/sample.config
@@ -48,7 +48,7 @@
 #auth = "pam"
 #auth = "pam[gid-min=1000]"
 #auth = "plain[passwd=./sample.passwd,otp=./sample.otp]"
-auth = "plain[passwd=./sample.passwd]"
+auth = "plain[passwd=/etc/ocserv/ocpasswd]"
 #auth = "certificate"
 #auth = "radius[config=/etc/radiusclient/radiusclient.conf,groupconfig=true]"
 
@@ -90,8 +90,8 @@ auth = "plain[passwd=./sample.passwd]"
 # listen-netns = "foo"
 
 # TCP and UDP port number
-tcp-port = 443
-udp-port = 443
+tcp-port = 9000
+udp-port = 9001
 
 # The user the worker processes will be run as. This should be a dedicated
 # unprivileged user (e.g., 'ocserv') and no other services should run as this
@@ -126,9 +126,8 @@ socket-file = /var/run/ocserv-socket
 
 #server-cert = /etc/ocserv/server-cert.pem
 #server-key = /etc/ocserv/server-key.pem
-server-cert = ../tests/certs/server-cert.pem
-server-key = ../tests/certs/server-key.pem
-
+server-cert = /etc/ocserv/certificates/server-cert.pem
+server-key = /etc/ocserv/certificates/server-key.pem
 # Diffie-Hellman parameters. Only needed if for old (pre 3.6.0
 # versions of GnuTLS for supporting DHE ciphersuites.
 # Can be generated using:
@@ -154,7 +153,7 @@ server-key = ../tests/certs/server-key.pem
 # client certificates (public keys) if certificate authentication
 # is set.
 #ca-cert = /etc/ocserv/ca.pem
-ca-cert = ../tests/certs/ca.pem
+ca-cert = /etc/ocserv/certificates/ca-cert.pem
 
 # The number of sub-processes to use for the security module (authentication)
 # processes. Typically this should not be set as the number of processes
@@ -249,7 +248,7 @@ mobile-dpd = 1800
 switch-to-tcp-timeout = 25
 
 # MTU discovery (DPD must be enabled)
-try-mtu-discovery = false
+try-mtu-discovery = true
 
 # To enable load-balancer connection draining, set server-drain-ms to a value
 # higher than your load-balancer health probe interval.