Am Sonntag, 4. Oktober 2020, 18:08:13 CEST schrieben Sie:
> Hi Thomas,
>
> On Tue, Sep 22, 2020 at 04:21:49PM +0200, Thomas Schäfer wrote:
> > I get
> > Note: unable to redirect IPv4 default gateway -- Cannot read current
> > default gateway from system
> I'm
same problem, different message:
with 2.5rc
NOTE: unable to redirect IPv4 default gateway -- Cannot obtain current remote
host address
with 2.4.3 (version of my linux distributor) it still works in that environment
/ configuration
both are compiled with --enable-iproute2
___
ows client: IPv6-only Wifi
Linux/Synology server: behind DS-lite
transport IPv6, works, payload IPv6 works, payload IPv4 works only partly
Redirection of IPv6 works, redirection of IPv4 doesn't work
Regards,
Thomas
ovpn25.rc1-log.tar.xz
Description: app
Am 01.09.20 um 22:14 schrieb Gert Doering:
Hi,
On Tue, Sep 01, 2020 at 08:07:20PM +0200, Thomas Schäfer wrote:
- IPv4-only VPN
Typo?
We can do that!
Is it new in 2.5?
Asking again, just to understand the difference
"IPv6-only operation"
I can remove all IPv4-related c
> - IPv4-only VPN
Typo?
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
It works for me without problems.
Windows 10 Home 2004 Build 19041.450
When uninstalling and installing it again I had a temporary connection
problem. But reboot has helped.
Thomas
Am 28.08.20 um 15:09 schrieb Samuli Seppänen:
Hi,
It would be great if somebody would find time to test the
:0:0:0/64"
push "dhcp-option DNS fd00::464e:6dff:fe72:8a08"
keepalive 10 120
verb 3
Client was Openvpn connect 3.05 for android.
Thomas
___
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
Am 30.10.18 um 11:53 schrieb Arne Schwabe:
That should answer your questions, doesn't it?
Thanks for clarification. It doesn't harm IPv6 transport.
But it may (if intended ) block IPv6 payload.
Thomas
___
Openvpn-devel mailing list
Ope
you block IPv6 ("external") at the client, you will
lose also you connectivity. (except 464xlat which generates a v4 socket)
I cannot test it at the moment. I have two IPv6-only configured ovpn
servers and two NAT64-ISP (tm and lrz) but no time to build an
IPv4-only-openvpn-
When setting the SOCKS proxy through the management interface, the
socks_proxy_port pointer would be set to a value that's no longer valid
by the time it's used by do_preresolve_host.
Signed-off-by: Thomas Veerman
---
src/openvpn/init.c | 2 +-
1 file changed, 1 insertion(+),
By the way.
It works. (with 2.4.1)
Thomas
--
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/sla
Am 18.01.2017 um 20:35 schrieb Gert Doering:
> Servus,
>
> On Wed, Jan 18, 2017 at 04:43:22PM +0100, Thomas Schäfer wrote:
>> Client:
>> client
>> dev tun
>> proto udp6
>> remote raspberrypi..myfritz.net 1194 udp6
> [..]
>> redirect-gateway
7;t
set the IPv4-default route, since it can not find the old one.
Regards,
Thomas
openvpn --config client.ovpn
Wed Jan 18 16:11:34 2017 OpenVPN 2.4.0 x86_64-suse-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Dec 27 2016
Wed Jan 18 16:11:34 2017 library versions
thomas.glanzmann.de/tmp/openconnect_sni.pcap
I'm using the command line 'openconnect vpn.gmvl.de'.
Cheers,
Thomas
--
Check out the vibrant tech community on one of the world's most
engagin
-.B \-\-dev\-node tun
-. When not specifying a
+.B \-\-dev\-node tun\fR.
+When not specifying a
Should do the trick.
--
Thomas
On January 23, 2014 at 1:12:41 PM, Arne Schwabe (a...@rfc2549.org) wrote:
Am 21.06.13 12:48, schrieb Arne Schwabe:
> +to select a specific utun instance. To fo
ine.
When connecting with TCP, the code does a non-blocking connect. When you
connect using UDP, you take a different path which does in fact update the
expiry timer correctly.
--
Thomas
On Jan 22, 2014, at 9:27 AM, Thomas Veerman wrote:
> When there are events from the management console wit
When there are events from the management console with an interval shorter
than 1 second, the event loop never stops as it keeps resetting event_wait.
---
src/openvpn/manage.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index 22
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
in my case, I had to add the following options:
pull
tls-client
persist-tun
comp-lzo
I'm quite sure that tls-client is the one you need. The others are
specific to your setup. I hope that this helps.
Cheers,
Thomas
Hi, On Wed, Oct 23,
h M_SSLERR is issued, the program terminates...
> ---
> #define M_SSLERR (M_FATAL | M_SSL)
>
> if (flags & M_FATAL)
> openvpn_exit (OPENVPN_EXIT_STATUS_ERROR); /* exit point */
>
>
>> But yes, it works.
>
> Thanks!
> Any more comments regarding e
works.
On 18 June 2012 21:40, Alon Bar-Lev wrote:
> Hello Thomas,
>
> Thank you for your comments and help.
> I've updated the branch based on your work, but with changes...
> The password is secret, and there is a standard mechanism in openvpn
> to handle password...
>
lved, using the
> default is not something that is usable for openvpn.
> Can you please take care of this?
>
> Alon.
>
> On Mon, Jun 18, 2012 at 3:25 PM, Alon Bar-Lev wrote:
>> Hello Thomas,
>>
>> I did not have the global variable in mind :)
>>
>>
tached patch.
Seems I don't need to call ENGINE_init() at all. The attached patch
works, at least.
I appreciate the code discipline. Really I do. :-)
Regards,
Thomas
On 17 June 2012 22:04, Alon Bar-Lev wrote:
> Yes, almost :)
>
> Won't it better to call ENGINE_init at
them.
Some more details:
http://blog.habets.pp.se/2012/02/TPM-backed-SSL
Signed-off-by: Thomas Habets
On 17 June 2012 01:11, Alon Bar-Lev wrote:
> Hello,
>
> It is a good idea.
> But first, please remove the emacs stuff.
>
> Now, I see that the ENGINE_load_builtin_e
s to the built-in UI methods because openssl-tpm-engine
doesn't yet support user data being sent to the callback functions.
A patch for that on its way to them.
Some more details:
http://blog.habets.pp.se/2012/02/TPM-backed-SSL
Signed-off-by: Thomas Habets
--
typedef struct me_s {
cha
lp?
Thanks in advance - best regards
Thomas
it works for you using
> the proxy IP address.
that's correct. The hostname has 29 chars.
Cheers,
Thomas
rsion says 'Use Internet Explorer Settings'.
Gui that ships with 2.2 RC: http://thomas.glanzmann.de/tmp/legacy.png
Your Gui fork: http://thomas.glanzmann.de/tmp/guifork.png
[1] http://swupdate.openvpn.net/community/releases/openvpn-2.2-RC-install.exe
Cheers,
Thomas
rb 3
mute 20
auth-user-pass
tun-mtu 1400
# http-proxy 192.168.1.211 8080 paaf.txt ntlm
Cheers,
Thomas
hich lets a user choose between none, basic,
ntlm, auto, or auto-nct authentication.
Cheers,
Thomas
roach might be choosing another channel, e.g.
#openvpn-discussion or just continue on the -devel mailinglist.
Kind regards
Thomas
Am 06.01.10 19:08, schrieb richard -rw- weinberger:
2010/1/6, Eric F Crist:
This forum will be moderated. To apply for +v during the conversation,
please se
a good summary of the management of openvpn. Hopefully it's
not a program that deals with security, otherwise we would be worried...
--
Thomas
stem would be a nice feature of openvpn
(I could say : another "killer-feature" ? ;) )
Cheers,
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Administration des ressources informatiques
Agence universitaire de la Francophonie (AUF)
o...
We can not integrate all these cases directly in OpenVPN. An external
system (as for all others scripts in OpenVPN) provides an very efficient
solution.
Just my 2 cents..
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Administration des ressources informatiq
http://openvpn.net/archive/openvpn-devel/2005-12/msg0.html
With it, it's easy to check OCSP, SVCP, CRL... or openssl blacklists...
or whatever...
--
Thomas NOEL
I suffer from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338023
which seems to be related to the bridge setup I use. It may or may not
be related
to your problem.
Kind regards
Thomas Reifferscheid
Girish KS wrote:
HI all,
Does OpenVPN support tftp? I'm not able to connect to
Hi,
as you can see in my posting, I do already have keepalive defined.
Other suggestions?
Regards,
Thomas
Von: Kosta Welke [mailto:ko...@fillibach.de]
Gesendet: Sa 08.07.2006 13:30
An: Thomas Heidemann
Cc: openvpn-devel@lists.sourceforge.net
Betreff: Re
Fri Jun 23 10:35:32 2006 Initialization Sequence Completed
Connection established successfully!
And a few seconds later:
Fri Jun 23 10:35:53 2006 write TCPv4_CLIENT: Connection reset by peer
(WSAECONNRESET) (code=10054)
Fri Jun 23 10:35:53 2006 Connection reset, restarting [-1]
Fri Jun 23 10:35:53 2006 TCP/UDP: Closing socket
Fri Jun 23 10:35:53 2006 SIGUSR1[soft,connection-reset] received,
process restarting
Fri Jun 23 10:35:53 2006 Restart pause, 5 second(s)
...
--
Any suggestions?
Thanks for your answer.
Regards,
Thomas
ients), I cannot stop them
and break all TSE clients in case of a simple revocation... :-(
The ultimate solution will be OCSP, but... we are in 2005 ;-)
Thank you for your attention about this issue.
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Agence universitai
:
- where can I add an action when a SIGUSR1 or SIGHUP is handled ?
- how can I get the (list of ?) SSL_CTX object ?
Do you think that it is a good idea, and do you think that it is feasible ?
Thanks,
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Agence univers
the tools for that.
Again, thanks for OpenVPN, and do not misundestood me : OpenVPN is a
very very nice piece of code anyway :-)
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Agence universitaire de la Francophonie (AUF)
Services centraux Paris - 4 place de la Sorbo
d_lookup() and
X509_LOOKUP_add_dir() ... I'm not a openssl guru, not at all ;-)
Thanks,
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Agence universitaire de la Francophonie (AUF)
Services centraux Paris - 4 place de la Sorbonne - 75005 Paris
Tél: +33 (0)1 4
he CRL stuff
for 0.9.7 and above.
I will try to produce a patch for a "--capath" option. See you in two or
three hours.
Thanks again,
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Agence universitaire de la Francophonie (AUF)
Services centraux Pa
ly manage all CA
and all CRL included in a "CAPath".
Thx,
--
Thomas NOEL http://www.auf.org/
Coordinateur des infrastructures techniques
Agence universitaire de la Francophonie (AUF)
Services centraux Paris - 4 place de la Sorbonne - 75005 Paris
Tél: +33 (0)1 44 41 18 18, poste 182
erify-path /etc/openvpn/crls/" will check for any
0a1b2c3d.r{0,1,..,9} CRL file in the /etc/openvpn/crls/ directory.
If the CRL file and the certificate issuers are the same, then
OpenVPN normally check the CRL (as with --crl-file ...).
If no CRL file is found or no CRL file match the cert iss
Hello James,
> I'd like to invite some discussion on this idea, and I'd especially
> like feedback from past OpenVPN contributors as to whether this is
> something they could agree to.
I didn't submit that much code, but of course I would aggree to dual
licensing.
Honestly,
Thomas
*server* and *client*
- wakeup on lan
- dyndns
All this applications are stored on the flash. A friend of mine also managed to
compile and run screen on it.
The openvpn takes approx 1.5Mbyte (including libs).
Thomas
Hello James,
I am unable to find the CVS repository to the upcomming 2.0 version.
Honestly,
Thomas [ Who want's to implement a compression functionality to
compress static things like ipv(6) addresses, prots and maybe
parts of tcp header function within one byte us
ld you please send me a patch for this.
Thomas
n, too. I told him to send his patches to the upstream
maintainers.
Thomas
to support IPv6 via tun devices.
Thomas
diff /tmp/openvpn-1.5-beta7/syshead.h openvpn-1.5-beta7/syshead.h
--- /tmp/openvpn-1.5-beta7/syshead.hThu Aug 28 06:08:14 2003
+++ openvpn-1.5-beta7/syshead.h Mon Sep 8 13:51:17 2003
@@ -209,6 +209,14 @@
#include
#endif
+#ifdef HAVE_NETINET
50 matches
Mail list logo
