fine to use.
Colin
On 2023-11-29 5:00 p.m., David Sommerseth wrote:
On 29/11/2023 19:50, Colin Ryan wrote:
Folks,
Trying to move my openvpn configuration to fully systemd modified.
I've compiled openvpn with systemd support and fundamentally it works
with the most recent systemd recip
Folks,
Trying to move my openvpn configuration to fully systemd modified.
I've compiled openvpn with systemd support and fundamentally it works
with the most recent systemd recipe's in the style of openvpn@.service
Systemd until has this:
[Service]
Type=notify
PrivateTmp=true
WorkingDirecto
On 10/2/22 7:42 AM, Bo Berglund wrote:
6 months ago or so I have set up a system where I have two fiber connected LAN
segments in different locations tied together with OpenVPN into one single LAN
using addresses 192.168.117.x and 192.168.119.x.
Point of semantics...you don't have one single
folks.
Colin
On 8/3/21 3:19 PM, Colin Ryan wrote:
Folks,
The document found
here...https://community.openvpn.net/openvpn/wiki/OpenVPN-GUI-New
seems to imply that most of the traditional Registry Entries that
could be used to configure the behavior of the the OpenVPN-GUI tool
are ig
Folks,
The document found
here...https://community.openvpn.net/openvpn/wiki/OpenVPN-GUI-New
seems to imply that most of the traditional Registry Entries that could
be used to configure the behavior of the the OpenVPN-GUI tool are
ignored/deprecated?
Maybe I'm reading it wrong and they are
Folks,
I've been customizing the NSIS installer for years. Want to look at
moving to the MSI installer. Is there a source file for the community
edition that I can use as a starting point?
Thanks
Colin Ryan
___
Openvpn-users mailing
On 12/28/20 11:47 AM, Colin Ryan wrote:
Is the PI the default gateway device on the 178 network?
If not then your remote workstation connects, get's given a 10.7
address and is presented routes to the 178 network.
However upon leaving the eth0 inteface of your Pi out onto the LAN the
Your follow in query is revealing it's own answer. Get DNS resolution
to work and you're good to go. Previous answers provided the answer, you
need DNS resolution to be specifically solved as typically road warriors
have NAT based configurations which will not allow workstations to find
system
Folks,
I know this belongs more on the dev list but anyone know what CHOST,
CBUILD environment variables could be used to leverage using the
GenericBuild environment to build 32bit linux binaries in a 64bit linux
environment.
I _love_ the GenericBuild environment for Windows builds...hoping
Jonathan,
Yes I am aware of the proper approach, we don't espouse just double
clicking.
And I concur too, the functionality of Tunnelblick is great, I've used
it lot's over the years.
Colin
On 2020-04-16 8:24 a.m., Ralf Hildebrandt wrote:
* Jonathan K. Bullard :
Just for the record, the
Folks,
Per a previous email (and thanks for the help), I've been playing around
with the 11 GUI.
One thing that has come up is wondering if there is anyway to generate a
situation where if a user is presented a complete (i.e. embedded certs)
.ovpn config file is there a configuration or swi
On 2020-04-07 5:38 p.m., Selva Nair wrote:
Hi,
On Tue, Apr 7, 2020 at 2:15 PM Colin Ryan <mailto:col...@caveo.ca>> wrote:
Folks,
I'm working with GUI-11 and all is fine. However I'd like to have the
default GUI configuration for my users be silent (i.e.not have
s Hive from an Admin elevated
process etc.
Anyone have any suggestions as to how to make this option the default in
such a situation? A well placed .ini file? some trick that isn't well
documented.
Thank you
Colin Ryan
___
Openvpn-users m
e response from FreeRadius to force lowercase...I'm not
sure if this will solve this as I don't know where in the sequence OVPN
decides what to use as the CN
* Other ideas ;-)
Thanks all.
Colin Ryan
--
C
I'm fairly certain you need the full cert path, including root and any
intermediate certs.
To not require this would question the whole point of the cert's.
I don't, to be frank, understand why you want to not have the rootCA
included. The server - correct me if I'm wrong - would only need the
On 2014-06-10, 6:12 PM, Mike Josh wrote:
> > OpenVPN is not a peer-to-peer VPN solution (by design).
Of course you can. You can do this most easily indeed with client to
client. Or if tighter control is required even without client to client.
What Jan is saying is that it is not a true Peer to
I am certain I will not describe this 100% accurately but client to
client traffic does indeed go up to the server and back. The difference
is that with client to client the packets never "leave" the user-space
of OpenVPN so to speak and work at the wire level (kinda like bridging).
Thus you do
Sorry Jan, beat me to it.
Colin
On 2014-06-10, 5:42 PM, Jan Just Keijser wrote:
> On 10/06/14 23:31, Mike Josh wrote:
>> The OpenVPN server is in Europe. This is me. I have two OpenVPN clients
>> in the US, Bob and Alice (names out of the classic example). I have
>> enabled client-to-client in my
Whenever I've built customs with openssl on a prefix I do the following
upon configure for OVPN
export PKG_CONFIG_PATH=/lib/pkgconfig
export CPPFLAGS=-Iinclude
export LDFLAGS=-L/lib
export PKG_CONFIG_PATH=/lib/pkgconfig
then a ./configure --prefix= yadda yadda...
Side note. I've been building
Folks,
I understand clearly enough that determining your vulnerability to
Heartbleed is actually pretty straight forward, i.e. do you have and did
you compile with the affect OpenSSL lib's.
However I have a few circumstances where I'd like to be able to
specifically confirm or deny the bleed.
Unless I'm reading your original post wrong this is your issue.
> local 192.168.20.253
When you have a cluster (active-passive) - as I believe you are trying
to do - each hardware node, has as you outlined, a real physical
address and then there is a floating IP ( or what I call VIP ) that t
VIP is all that matters.
You might also want to have Openvpn start stop in your cluster failover
scripts.
I have HA running very well with simple UCARP and rsync sync'ed
openvpn's --- didn't bother with drbd in my case not enough config
changes to bother.
Hope this helps.
Co
s enable_strict=no enable_strict_options=no
enable_systemd=no enable_win32_dll=yes enable_x509_alt_username=no
with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no
with_plugindir='$(libdir)/openvpn/plugins' with_ssl=/opt/aa wit
On 2013-10-16 7:30 PM, Jason Haar wrote:
> On 17/10/13 10:24, Sumit Dahiya wrote:
>> MITM attack is exactly why I'd like my users to go through OpenVPN.
>>
>> So I am hearing MITM (for general internet browsing) becomes more probable
>> if my server does not use the directive "redirect-gateway def1
24 matches
Mail list logo
