Re: systemd service oddness with openvpn

On 12/11/23 04:47, Kamil Jońca wrote: Richard Hector writes: Hi all, I have a machine that runs as an openvpn server. It works fine; the VPN stays up. Are you sure? Have you client conneted and so on? Yes. I can ssh to the machines at the other end. However, after running for a while

Re: systemd service oddness with openvpn

Richard Hector writes: > Hi all, > > I have a machine that runs as an openvpn server. It works fine; the > VPN stays up. Are you sure? Have you client conneted and so on? > > However, after running for a while, I get these repeatedly in syslog: > > Nov 07 12:17

Re: systemd service oddness with openvpn

On 7/11/23 12:41, Richard Hector wrote: Hi all, I have a machine that runs as an openvpn server. It works fine; the VPN stays up. However, after running for a while, I get these repeatedly in syslog: I don't know if anyone's watching, but ... It appears that this happens when

Re: systemd service oddness with openvpn

On 7/11/23 12:41, Richard Hector wrote: Hi all, I have a machine that runs as an openvpn server. It works fine; the VPN stays up. However, after running for a while, I get these repeatedly in syslog: I should also have mentioned - this is debian bookworm (12.2) Richard

systemd service oddness with openvpn

Hi all, I have a machine that runs as an openvpn server. It works fine; the VPN stays up. However, after running for a while, I get these repeatedly in syslog: Nov 07 12:17:24 ovpn2 openvpn[213741]: Options error: In [CMD-LINE]:1: Error opening configuration file: opvn2.conf Nov 07 12:17

Re: [Openvpn-users] surf the internet through openvpn

On Sat, 5 Jun 2021 07:59:40 +0200 Stella Ashburne wrote: > Hi guys, > > This mailing list is for discussions concerning Debian. > > For discussions on specific topics such as openvpn, please post your > questions on https://forums.openvpn.net/ or > https://www.reddit.com/

Re: [Openvpn-users] surf the internet through openvpn

Hi guys, This mailing list is for discussions concerning Debian. For discussions on specific topics such as openvpn, please post your questions on https://forums.openvpn.net/ or https://www.reddit.com/r/OpenVPN/   Sent: Saturday, June 05, 2021 at 7:04 AM From: "Bonno Bloksma" T

Re: [Openvpn-users] surf the internet through openvpn

Please keep the discussion on the list. And sorry for top posting, this client refuses todo otherwise :-( Make sure traffic coming from the openvpn client can indeed access the internet, test with ping. If that does not work solve that problem first. Look at routing and NAT on your openvpn

Re: Openvpn 2fa google

the error is as follows. Verification code is correct. -% error: openvpn(pam_google_authenticator)[16239]: Invalid verification code for usi21 On Wed, Jun 2, 2021 at 10:58 PM Gokan Atmaca wrote: > > Hello > > I use Google for 2FA. My configuration is as follows. However, I could

Openvpn 2fa google

d for peer -% Pam_config: auth required /usr/lib/x86_64-linux-gnu/security/pam_google_authenticator.so secret=/etc/openvpn/google-authenticator/${USER} forward_pass accountrequired pam_permit.so -% usr_create: sudo su -c "google-authenticator -t -d -r3 -R30 -f -l \"My VPN\" -s

Re: OpenVpn Mac Address Filter

Hi, On 2021-06-02 8:45 a.m., Gokan Atmaca wrote: > Hello > > There I am trying to compile openvpn. I am getting an error as below. > > What can be the problem ? > > -% error: > /usr/bin/install: cannot stat './openvpn.8': No such file or directory > mak

Re: OpenVpn Mac Address Filter

Hello There I am trying to compile openvpn. I am getting an error as below. What can be the problem ? -% error: /usr/bin/install: cannot stat './openvpn.8': No such file or directory make[4]: *** [Makefile:515: install-man8] Error 1 make[4]: Leaving directory '/root/open

Re: OpenVpn Mac Address Filter

> Mac address is available only on the local network. You usually do not > get the mac address of the openvpn client but the mac address of nic of > the last router facing your openvpn server. You are right. I will try Google 2fa. On Sat, May 29, 2021 at 9:57 PM Erwan David wrote:

Re: OpenVpn Mac Address Filter

Le 29/05/2021 à 20:09, Gokan Atmaca a écrit : > Hello > > Can we filter MAC addresses of Openvpn clients ? > > Thanks. > > > Mac address is available only on the local network. You usually do not get the mac address of the openvpn client but the mac address of nic of the

OpenVpn Mac Address Filter

Hello Can we filter MAC addresses of Openvpn clients ? Thanks. -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org ⠈⠳⣄

network-manager-openvpn GUI not keeping automatic VPN connection setting

I hope that subject line doesn't obfuscate the issue. I'm using Sid/testing with Xfce4 desktop environment, fully updated. openvpn 2.4.7-1 network-manager-openvpn 1.8.10-1 network-manager-openvpn-gnome 1.8.10-1 Using the GUI I set openvpn to connect automatically to a chosen VPN. I

Re: openvpn-systemd-resolved vs gui

Il 02/09/19 19:52, john doe ha scritto: Those messages are error messages, if I were you I would put the missing file 'scripts/update-systemd-resolved' in the directory '/etc/openvpn/scripts' or look in your openvpn config file for the '--up script' directive.

Re: openvpn-systemd-resolved vs gui

On 9/2/2019 7:08 PM, Andrea Borgia wrote: > Il 01/09/19 19:09, john doe ha scritto: > > > >>> After seeing some warnings in the system logs, I decided to >>> investigate and >> It would help if we could see those warnings as well. > > Sep  2 16:59:40 cla

Re: openvpn-systemd-resolved vs gui

Il 01/09/19 19:09, john doe ha scritto: After seeing some warnings in the system logs, I decided to investigate and It would help if we could see those warnings as well. Sep 2 16:59:40 clarisse systemd[1]: openvpn@update-systemd-resolved.service: Service RestartSec=5s expired

Re: openvpn-systemd-resolved vs gui

On 9/1/2019 6:33 PM, Andrea Borgia wrote: > Hi. > > After seeing some warnings in the system logs, I decided to investigate and It would help if we could see those warnings as well. > found out that I am supposed to enable this script to integrate the dns Which script are you refering to? > inf

openvpn-systemd-resolved vs gui

Hi. After seeing some warnings in the system logs, I decided to investigate and found out that I am supposed to enable this script to integrate the dns information supplied from the server into the local configuration. Do I really have to do it if I am not worried about dns leaks? I'm actually ok

Re: Re: Issue with OpenVPN inside a LXC container: Failed at step NAMESPACE spawning /usr/sbin/openvpn: Permission denied

Thanks a ton! I'm running this container on my private network behind a NAT, so I'm not too worried about disabling apparmor. I ended up just giving as loose of a configuration I could and it did the trick. lxc.apparmor.profile = unconfined lxc.apparmor.allow_nesting = 1 lxc.apparmor.allow_in

Re: Issue with OpenVPN inside a LXC container: Failed at step NAMESPACE spawning /usr/sbin/openvpn: Permission denied

Hi. On Tue, Jul 16, 2019 at 10:57:06PM -0400, Simon Bernier St-Pierre wrote: > I have a LXC container which is connected to a remote VPN using > OpenVPN. After upgrading to buster, the VPN does not start anymore. > I'm using Debian buster on my host OS These are relevant

Issue with OpenVPN inside a LXC container: Failed at step NAMESPACE spawning /usr/sbin/openvpn: Permission denied

I have a LXC container which is connected to a remote VPN using OpenVPN. After upgrading to buster, the VPN does not start anymore. I'm using Debian buster on my host OS and Debian buster on the guest OS. Both were updated from stretch. Aside from OpenVPN there's only deluged and

Re: Openvpn cli vs. Openvpn Networkmanager

rface-order . Look for whatever Notwork Manager added to /run/resolvconf/interfaces for openvpn, add it at the top of interface-order. Reco

Openvpn cli vs. Openvpn Networkmanager

Hello, I try to setup Openvpn. Frist of all I use the cli client to connect and all works fine. config is like follows: ... Only on (debian) client, you also need following directives # resolvconf must be installed up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf

Openvpn cli vs. Openvpn Networkmanager

Hello, I try to setup Openvpn. Frist of all I use the cli client to connect and all works fine. config is like follows: ... Only on (debian) client, you also need following directives # resolvconf must be installed up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf

Re: Openvpn with brainpoolP256r1 works for debian clients only

Dominik wrote: > Hi all, > > I'm using openvpn with certificates based on elliptic curves form the > brainpoolP256r1 group. This works fine if the server and the clients run > with debian as operating system. > > If I try to connect with a client based on windows

Openvpn with brainpoolP256r1 works for debian clients only

Hi all, I'm using openvpn with certificates based on elliptic curves form the brainpoolP256r1 group. This works fine if the server and the clients run with debian as operating system. If I try to connect with a client based on windows or centos using the same client.conf, the handshake fail

Re: openvpn fails to run a learn-address script

I run openvpn in a daemon as user vpn with the ability to use sudo in a learn-address-script? 3) Would it be appropriate to file a bug report against systemd at this stage? Thanks in advance, kind regards Dominik I can't grok your /etc/systemd/system/openvpn@.service.d/override.conf fil

Re: openvpn fails to run a learn-address script

On 2019-02-27, Dominik wrote: > > I'm looking for help related to three questions: > > 1) How do I get additional information about what is causing the error? > Why is systemd blocking sudo despite the modifications in the override.conf > > 2) More generally: How can I

openvpn fails to run a learn-address script

Since a few days (after an update of systemd and openvpn), openvpn fails while running the learn-address script with the following message: Feb 25 09:07:56 vpn openvpn[27220]: sudo: unable to send audit message Feb 25 09:07:56 vpn openvpn[27220]: sudo: pam_open_session: System error Feb 25 09:07

[SOLVED]: openvpn over ipv6 /65

On 27/11/2018 15:03, Reco wrote: > In conclusion, your current NAT66 setup is probably the best you can > achieve without a risk to your VPS or your sanity ;) > OK Reco, that's great. I'm announcing a valid IPv6 address, so it's achieving its objective. I can route traffic from any of my IOT boxe

Re: Fwd: openvpn over ipv6 /65

your own /65 route, but there's 100% chance that your IPv6 gateway will reject it. I'd do it too if I was your VPS provider. 2) Currently you have two different network segments - one on eth0, and another one on tun0 (that one). Even if you make your openvpn encapsulate L2 traffic (don

Re: Fwd: openvpn over ipv6 /65

On 27/11/2018 13:34, Reco wrote: > Hi. > > On Tue, Nov 27, 2018 at 01:20:25PM +0100, tony wrote: >> On 27/11/2018 12:44, Reco wrote: >>> Hi. >>> >>> On Tue, Nov 27, 2018 at 12:26:03PM +0100, tony wrote: >>>> OK, that fixed it, thanks

Re: Fwd: openvpn over ipv6 /65

Hi. On Tue, Nov 27, 2018 at 01:20:25PM +0100, tony wrote: > On 27/11/2018 12:44, Reco wrote: > > Hi. > > > > On Tue, Nov 27, 2018 at 12:26:03PM +0100, tony wrote: > >> OK, that fixed it, thanks. Almost there. I had expected the host's > >>

Re: Fwd: openvpn over ipv6 /65

On 27/11/2018 12:44, Reco wrote: > Hi. > > On Tue, Nov 27, 2018 at 12:26:03PM +0100, tony wrote: >> OK, that fixed it, thanks. Almost there. I had expected the host's >> openVPN ip (2a03:9800:10:54:8000::1000) to propagate, but I'm seeing my >> server

Re: Fwd: openvpn over ipv6 /65

Hi. On Tue, Nov 27, 2018 at 12:26:03PM +0100, tony wrote: > OK, that fixed it, thanks. Almost there. I had expected the host's > openVPN ip (2a03:9800:10:54:8000::1000) to propagate, but I'm seeing my > server's address: > > tony@tony-fr:~$ dig +short a

Re: Fwd: openvpn over ipv6 /65

e Nov 27 10:24:58 2018 us=429472 Note: option tun-ipv6 is ignored >>>> because modern operating systems do not need special IPv6 tun handling >>>> anymore. >>>> >>>> I'm assuming it doesn't like the ::/0 address, nor do I understand that. &g

Re: Fwd: openvpn over ipv6 /65

On Tue, Nov 27, 2018 at 11:53:07AM +0100, tony wrote: > On 27/11/2018 11:43, Reco wrote: > > Hi. > > > > On Tue, Nov 27, 2018 at 11:19:12AM +0100, tony wrote: > push "route-ipv6 2a03:9800:10:54:8000::/65" > push "route-ipv6 2000::/3" > push "redirect-gateway def1 bypass-dhcp" >

Re: Fwd: openvpn over ipv6 /65

On 27/11/2018 11:43, Reco wrote: > Hi. > > On Tue, Nov 27, 2018 at 11:19:12AM +0100, tony wrote: push "route-ipv6 2a03:9800:10:54:8000::/65" push "route-ipv6 2000::/3" push "redirect-gateway def1 bypass-dhcp" >>> >>> Remove these. Use this instead: >>> >>> push "redirect-gatew

Re: Fwd: openvpn over ipv6 /65

Hi. On Tue, Nov 27, 2018 at 11:19:12AM +0100, tony wrote: > >> push "route-ipv6 2a03:9800:10:54:8000::/65" > >> push "route-ipv6 2000::/3" > >> push "redirect-gateway def1 bypass-dhcp" > > > > Remove these. Use this instead: > > > > push "redirect-gateway def1" > > push "route-ipv6 ::/0

Fwd: openvpn over ipv6 /65

ty, you should never announce things >>> like these through openvpn even once, let alone twice. If you really >>> need to do things like GeoIP spoofing, you should announce an IPv6 >>> default gateway with low metric. >>> >> I did wonder about that. I have cobbl

Re: Fwd: openvpn over ipv6 /65

Hi. On Mon, Nov 26, 2018 at 05:53:27PM +0100, tony wrote: > >> 2000::/3 dev tun0 metric 1024 pref medium > >> 2000::/3 dev tun0 metric 1028 pref medium > > > > Er, wat? Exterminate this travesty, you should never announce things > > like these throug

Re: Fwd: openvpn over ipv6 /65

I might try? >>> >>> I'd like to see your IPv6 routing tables from your VPS and the OpenVPN >>> client. >>> Two simple 'ip -6 ro l' will do. >>> And, for the sake of the completeness, the same 'ip -6 ro l' once OpenVPN >&g

Re: Fwd: openvpn over ipv6 /65

Hi. It's been a long and an eventful day. But, On Mon, Nov 26, 2018 at 01:40:22PM +0100, tony wrote: > >> Have you any further suggestions as to what I might try? > > > > I'd like to see your IPv6 routing tables from your VPS and the OpenVPN > &g

Re: Fwd: openvpn over ipv6 /65

;>gateway 2a03:9800:10:54::1 >>> >>> Leave all the other entries intact. >>> Then invoke this as root (one-time only): >>> >>> ip a d dev eth0 2a03:9800:10:54::2/64 >>> ip a a dev eth0 2a03:9800:10:54::2/65 >>> ip ro d

Re: Fwd: openvpn over ipv6 /65

> > Then invoke this as root (one-time only): > > > > ip a d dev eth0 2a03:9800:10:54::2/64 > > ip a a dev eth0 2a03:9800:10:54::2/65 > > ip ro d default via 2a03:9800:10:54::1 > > Thanks so much, Reco. This has got me well on the way to setting up a > IPv6 VPN

Fwd: openvpn over ipv6 /65

Sorry, hit the wrong button! Forwarded Message Subject: Re: openvpn over ipv6 /65 Date: Mon, 26 Nov 2018 11:25:09 +0100 From: tony To: Reco On 23/11/2018 15:24, Reco wrote: > HI. > > On Fri, Nov 23, 2018 at 03:07:01PM +0100, tony wrote: >> Thanks

Re: openvpn over ipv6 /65

> Hi. > > > This will need to be repeated at every reboot, > > No, it won't. OP has two stanzas regarding eth0 in e/n/i already - one > for inet and another one for inet6. You're right; I'm clearly not having a good day! Thank-you for the correction. Steve -- https://www.steve.org.

Re: openvpn over ipv6 /65

Hi. On Fri, Nov 23, 2018 at 03:39:16PM +, Steve Kemp wrote: > > with this: > > > > iface eth0 inet6 static > >address 2a03:9800:10:54::2 > >netmask 65 > >gateway 2a03:9800:10:54::1 > > > > Leave all the other entries intact. > > Then invoke this as

Re: openvpn over ipv6 /65

> with this: > > iface eth0 inet6 static >address 2a03:9800:10:54::2 >netmask 65 >gateway 2a03:9800:10:54::1 > > Leave all the other entries intact. > Then invoke this as root (one-time only): > > ip a d dev eth0 2a03:9800:10:54::2/64 > ip a a dev eth0 2a03:98

Re: openvpn over ipv6 /65

have a Stretch VPServer with a /64 netbloch, of which only the first 2 > >> addresses are used. I've been struggling for some time to get the right > >> stanza to split that into two /65s, using the upper half for openvpn. > > > > I'd check first that some

Re: openvpn over ipv6 /65

en struggling for some time to get the right >> stanza to split that into two /65s, using the upper half for openvpn. > > I'd check first that some other addresses from this /64 range are routed > by your VPS provider. > I'm not sure I understand what you mean. As far

Re: openvpn over ipv6 /65

Hi. On Fri, Nov 23, 2018 at 01:18:45PM +0100, tony wrote: > Hi, > > I have a Stretch VPServer with a /64 netbloch, of which only the first 2 > addresses are used. I've been struggling for some time to get the right > stanza to split that into two /65s, using the up

openvpn over ipv6 /65

Hi, I have a Stretch VPServer with a /64 netbloch, of which only the first 2 addresses are used. I've been struggling for some time to get the right stanza to split that into two /65s, using the upper half for openvpn. There are many 'quick config' tutorials on the web, but none

Re: OpenVPN & Debian Stretch

Thanks. I'll install openvpn, and easy-rsa on a test computer and see what it does, before installing it on my server. Wayne Sallee wa...@waynesallee.com http://www.WayneSallee.com On 09/05/2018 08:51 AM, Dan Ritter wrote: easy-rsa is basically a series of scripts to get openssl to d

Re: OpenVPN & Debian Stretch

, Wayne Sallee wrote: Has anyone set up OpenVPN with ssh-keygen -t rsa ? Technically, you can do that. ssh-keygen generates ssh keys, not x.509 certificates ... An x.509 cert contains an RSA key signed by a CA. openssl can do the signing, at which point you've half-reimplemented easy-rsa.

Re: OpenVPN & Debian Stretch

Wayne Sallee wrote: > I will also be installing OpenVPN on Debian Stretch (Debian 9). What > problems are you having? go for installation - there are no problems discussed here - only how one should generate the certificate for the client. The easy-rsa is a set of scripts that makes gene

Re: OpenVPN & Debian Stretch

ep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote: > > > > > > Has anyone set up OpenVPN with ssh-keygen -t rsa ? > > > > > > > > > > > Technically, you can do that. > > > > ssh-keygen generates ssh keys, not x.509 certificates ... &g

Re: OpenVPN & Debian Stretch

On 09/04/2018 06:47 PM, Josh W. wrote: Debian Users, I am having a terrible time setting up a free VPN Service! Could "Any Body" point me to an UP To Date way. to set up OpenVPN on Debian Stretch? Your Help is Much Needed!!! Thank you! Joshua mailto:joshw8...@gmail.com&

Re: OpenVPN & Debian Stretch

On 09/05/2018 06:30 AM, Dan Purgert wrote: Dan Ritter wrote: On Wed, Sep 05, 2018 at 12:29:02AM -, Dan Purgert wrote: Dan Ritter wrote: On Tue, Sep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote: Has anyone set up OpenVPN with ssh-keygen -t rsa ? Technically, you can do that. ssh

Re: OpenVPN & Debian Stretch

Dan Ritter wrote: > On Wed, Sep 05, 2018 at 12:29:02AM -, Dan Purgert wrote: >> Dan Ritter wrote: >> > On Tue, Sep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote: >> >> Has anyone set up OpenVPN with ssh-keygen -t rsa ? >> >> >> > &

Re: OpenVPN & Debian Stretch

On Wed, Sep 05, 2018 at 12:29:02AM -, Dan Purgert wrote: > Dan Ritter wrote: > > On Tue, Sep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote: > >> Has anyone set up OpenVPN with ssh-keygen -t rsa ? > >> > > > > Technically, you can do that. >

Re: OpenVPN & Debian Stretch

Dan Ritter wrote: > On Tue, Sep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote: >> Has anyone set up OpenVPN with ssh-keygen -t rsa ? >> > > Technically, you can do that. ssh-keygen generates ssh keys, not x.509 certificates ... -- |_|O|_| Registered Linux user #

Re: OpenVPN & Debian Stretch

On Tue, Sep 04, 2018 at 07:42:58PM -0400, Wayne Sallee wrote: > Has anyone set up OpenVPN with ssh-keygen -t rsa ? > Technically, you can do that. In practice, you need to have a CA set up, of which easy-rsa is the simplest choice. Why? Revocation. Let's suppose you have an

Re: OpenVPN & Debian Stretch

Has anyone set up OpenVPN with ssh-keygen -t rsa ? Wayne Sallee wa...@waynesallee.com http://www.WayneSallee.com On 09/04/2018 07:34 PM, Dan Purgert wrote: Josh W. wrote: Debian Users, I am having a terrible time setting up a free VPN Service! Could "Any Body" point me t

Re: OpenVPN & Debian Stretch

Josh W. wrote: > Debian Users, > I am having a terrible time setting up a free VPN Service! Could > "Any Body" point me to an UP To Date way. to set up OpenVPN on Debian > Stretch? Your Help is Much Needed!!! Thank you! > > Joshua > apt-get install openv

Re: OpenVPN & Debian Stretch

On Tue, Sep 04, 2018 at 05:47:37PM -0500, Josh W. wrote: > Debian Users, > I am having a terrible time setting up a free VPN Service! Could > "Any Body" point me to an UP To Date way. to set up OpenVPN on Debian > Stretch? Your Help is Much Needed!!! Thank you! su

OpenVPN & Debian Stretch

Debian Users, I am having a terrible time setting up a free VPN Service! Could "Any Body" point me to an UP To Date way. to set up OpenVPN on Debian Stretch? Your Help is Much Needed!!! Thank you! Joshua

openvpn and new openssl 1.1.1~~pre9-1

Hi, After upgrading to openssl 1.1.1~~pre9-1, I am not able to establish VPN connections (eg.nordvpn, work, etc.) Mon Sep  3 11:19:34 2018 us=634061 OpenSSL: error:1425F18C:SSL routines:ssl_choose_client_version:version too low Mon Sep  3 11:19:34 2018 us=634070 TLS_ERROR: BIO read tls_read_plain

Re: OpenVPN dhcp

On Sat, Jul 28, 2018 at 02:06:46PM -0400, Jim Popovitch wrote: > > Heck, it took NM > something like 7 years to fix the flood of wifi events that hit > .xsession-errors and filled up /home partitions, so don't hold your > breath on this issue being resolved before Sid hits stable. > That is a com

Re: OpenVPN dhcp

t-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf So, delete your VPN profile, re-import the new client.ovpn, edit /etc/NetworkManager/system-connections/, run the nmcli command, toggle VPN. Apparently all of this is fixed in future versions of NetworkManager

Re: OpenVPN dhcp

s it very clearly. >> >> Search terms: "openvpn networkmanager dns leak" >> >> Effectively, NetworkManager lacks a concept of "replace the active >> DNS settings when this connection becomes active."  Instead, what it >> does is add the DNS servers to

Re: OpenVPN dhcp

On Fri, 2018-07-27 at 14:52 -0400, Roberto C. Sánchez wrote: > The short answer is, "as long as you use NetworkManager, no." > > I no longer have the link, but some time ago I found a page that > explains it very clearly. > > Search terms: "openvpn networkm

Re: OpenVPN dhcp

On Fri, Jul 27, 2018 at 02:38:37PM -0400, Jim Popovitch wrote: > Hello, > > Is there a way to have an OpenVPN server push dhcp-options to the > clients that completely replace any existing entries in > /etc/resolv.conf?   > The short answer is, "as long as you use Net

OpenVPN dhcp

Hello, Is there a way to have an OpenVPN server push dhcp-options to the clients that completely replace any existing entries in /etc/resolv.conf?   Using these OpenVPN settings on the server: push "dhcp-option DNS 10.8.0.1" push "dhcp-option DNS fd00:10:8::1" push

Re: need help on using openvpn

On Sat, 19 May 2018 08:05:40 + (UTC) Long Wind wrote: > i've bought vpn service > the provider gives me many .opvn files and the same login/password > every time i use, i have to enter login/password > > is it possible to specify login/password on openvpn command lin

need help on using openvpn

i've bought vpn service the provider gives me many .opvn files and the same login/password every time i use, i have to enter login/password is it possible to specify login/password on openvpn command line or a config file? openvpn manual is long, i'm unable to find answer, Thanks

Re: openvpn client DNS security

On Thu, Apr 05, 2018 at 11:48:51AM +0200, Roger Price wrote: > Hi, I had a problem setting up DNS on an openvpn client. I'll describe it > here before submitting a bug report - I would appreciate comment on the > security aspects. > > > Looking more closely at script /et

openvpn client DNS security

Hi, I had a problem setting up DNS on an openvpn client. I'll describe it here before submitting a bug report - I would appreciate comment on the security aspects. In the stretch openvpn server (2.4.0-6+deb9u2) the configuration file server.conf contains the declarations: push

Re: [OT a bit] -- OpenVPN and mobile safety

; > provide some authentication before you are connected to the Net, > > > generally through a web page. In some systems, you may have a need > > > to access the web page after the VPN is up, so it is probably > > > advisable to allow web access to the wifi network as we

Re: [OT a bit] -- OpenVPN and mobile safety

through a web page. In some systems, you may have a need > > to access the web page after the VPN is up, so it is probably > > advisable to allow web access to the wifi network as well as DHCP > > and OpenVPN. > That would defeat some of the purpose -- allowing the tablet > (

Re: [OT a bit] -- OpenVPN and mobile safety

probably advisable to allow web > access to the wifi network as well as DHCP and OpenVPN. > That would defeat some of the purpose -- allowing the tablet (specifically bloatware) to access the local network would (continue to) expose me to gawd alone knows what on unknown and untrusted network

Re: [OT a bit] -- OpenVPN and mobile safety

On Mon, 27 Nov 2017 00:33:02 +0900 Mark Fletcher wrote: > On Tue, Nov 21, 2017 at 05:46:23PM +, Joe wrote: > > On Tue, 21 Nov 2017 22:35:24 +0900 > > > > Look at the --redirect-gateway startup option or (without leading > > --) in the config file. The chances a

Re: [OT a bit] -- OpenVPN and mobile safety

On Tue, Nov 21, 2017 at 05:46:23PM +, Joe wrote: > On Tue, 21 Nov 2017 22:35:24 +0900 > > Look at the --redirect-gateway startup option or (without leading --) > in the config file. The chances are that the default openvpn > configuration does this anyway, as there are two main

Re: [OT a bit] -- OpenVPN and mobile safety

ntrusted WiFi as normal, > get an IP address from that network, and then when I fire up OpenVPN > I want to arrange things such that all user / app attempts to access > the internet are routed through the VPN, so they emerge onto the > internet at large from my home network not from my tab

[OT a bit] -- OpenVPN and mobile safety

turned up info about connecting two networks using a VPN, which seems more difficult / complicated than what I am trying to do. I travel a lot for business and some time ago I set up OpenVPN so I can access my home network, and in particular my main PC, while travelling. I run OpenVPN on my

Re: openvpn

On Mon, 23 Oct 2017 21:03:30 +0200 Pol Hallen wrote: > Hello all :-) > > maybe I've a simple question... > > I've an openvpn server 10.0.0.1/24 and a connected client (gateway): > I use vpn to make backup. > > On this client I've samba and clients

openvpn

Hello all :-) maybe I've a simple question... I've an openvpn server 10.0.0.1/24 and a connected client (gateway): I use vpn to make backup. On this client I've samba and clients in same lan can connect to it. The problem: these clients can see also all netbios across v

Re: [semi-OT] openvpn

Le 10/13/17 à 10:03, Debian EN a écrit : > Hello folks :-) > > inside an existence network I need to add a hardware device (a switch) > that can connent with openvpn server > > I found also netgear ac router wireless, I need something without > wireless and chip d

[semi-OT] openvpn

Hello folks :-) inside an existence network I need to add a hardware device (a switch) that can connent with openvpn server I found also netgear ac router wireless, I need something without wireless and chip device any advice? thanks for help :) Pol

Re: openvpn updates?

On Tue, Jun 27, 2017 at 11:11:47AM -0400, Perry E. Metzger wrote: > On Thu, 22 Jun 2017 23:10:21 +0300 Adrian Bunk > wrote: > > On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > > > There was a security advisory against openvpn a couple of days > >

Re: openvpn updates?

espect do > > > > https://security-tracker.debian.org/tracker/source-package/openvpn > > > > and > > > > https://tracker.debian.org/pkg/openvpn > > > > let you down? > > In the respect that I didn't know they existed and I could look at &g

Re: openvpn updates?

On Tue, 27 Jun 2017 10:48:26 -0500 David Wright wrote: > > Any news on this? Apparently this is remotely exploitable though > > not in ordinary configurations. > > In what respect do > > https://security-tracker.debian.org/tracker/source-package/open

Re: openvpn updates?

On Tue 27 Jun 2017 at 11:11:47 (-0400), Perry E. Metzger wrote: > On Thu, 22 Jun 2017 23:10:21 +0300 Adrian Bunk > wrote: > > On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > > > There was a security advisory against openvpn a couple of days > > >

Re: openvpn updates?

On Thu, 22 Jun 2017 23:10:21 +0300 Adrian Bunk wrote: > On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > > There was a security advisory against openvpn a couple of days > > ago; > > Yesterday, not a couple of days ago. > > > just wondering wh

Re: openvpn updates?

Hi. On Fri, 23 Jun 2017 00:03:30 + Mark Fletcher wrote: > On Fri, 23 Jun 2017 at 05:27, Adrian Bunk wrote: > > > On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > > > There was a security advisory against openvpn a couple of days ago; >

Re: openvpn updates?

On Fri, 23 Jun 2017 at 05:27, Adrian Bunk wrote: > On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > > There was a security advisory against openvpn a couple of days ago; > > Yesterday, not a couple of days ago Holy hell, I missed that. Thanks for waking me

Re: openvpn updates?

On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > There was a security advisory against openvpn a couple of days ago; Yesterday, not a couple of days ago. > just wondering when updated packages are likely to show up? unstable is already fixed. stable and oldstable w

  1   2   3   4   5   >