Hoi Hans,
On 22/05/2024 12:41, Hans via Openvpn-users wrote:
Hi all,
At the openvpn client side it is possible to use http-encapsulation,
For instance, we use in our client-config:
(snip)
http-proxy url-site-A 443
remote url_vpn-XXX tcp
http-proxy url-site-A 443
remote url_
Hi there,
On 21/05/2024 19:14, Yuri Kanivetsky wrote:
The man page says:
Note that only clients that support the binding of a DHCP client with the TAP
adapter (such as Windows) can support this mode.
https://build.openvpn.net/man/openvpn-2.6/openvpn.8.html
Do only Windows clients support th
Hi David,
On 03/09/2023 23:34, David Sommerseth wrote:
On 03/09/2023 15:23, Jason Long via Openvpn-users wrote:
Hello,
As I said, I have some scenario and I want to learn more.
Have you ordered any of the books you've been recommended? Have you
read any of them?
I would say you are pret
(original message with the table in attachment is pending approval of a
moderator)
On 11/08/2023 12:12, Jan Just Keijser wrote:
hi all,
interesting read:
"Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing
Tables"
https://papers.mathyvanhoef.com/usenix2023-tunne
On 15/02/2023 14:12, Stefanie Leisestreichler wrote:
On 15.02.23 13:54, Jan Just Keijser wrote:
sure, I use them , I even manage a few that offer such access to
students and employees.
Do I trust that host? no, it is monitored very intensively and it's
purely a "jumphost&qu
On 15/02/2023 11:53, Stefanie Leisestreichler wrote:
My intital question was meant something like: Do you or others trust
ssh opened to the public internet and if so, under which circumstances?
sure, I use them , I even manage a few that offer such access to
students and employees.
Do I tr
Hi Emanuel,
On 10/11/2022 20:53, Emanuel Gonzalez wrote:
I was able to install my first ec2 instance with openVPN.
My configuration is
local 0.0.0.0
port 5194
proto udp
dev tap1
server 10.8.2.0 255.255.255.0
route 10.8.2.0 255.255.255.0
ifconfig-pool-persist /etc/openvpn/kiu-udp/ipp.txt
client-
On 29/09/22 01:19, André via Openvpn-users wrote:
Hi,
Could it have something to do with SMB Multichannel...?
interesting suggestion and definitelty worth exploring.
We are missing info however (which Selva's questions should partially
answer.
One of the things I am still unclear about is wh
Hi,
On 27/09/22 15:29, Sebastian Arcus wrote:
On 26/09/2022 13:53, Jan Just Keijser wrote:
Hi,
On 26/09/22 13:49, Sebastian Arcus wrote:
[...]
Thank you for the extra suggestions. Please find below the output of
the nbtstat commands, with the vpn up and a large slow file transfer
in
Hi,
On 26/09/22 13:49, Sebastian Arcus wrote:
[...]
Thank you for the extra suggestions. Please find below the output of
the nbtstat commands, with the vpn up and a large slow file transfer
in progress, just to be sure the fault was still present at the time.
As far as I can tell from the o
On 23/09/22 23:22, Sebastian Arcus wrote:
On 23/09/2022 22:16, Sebastian Arcus wrote:
[...]
I an update on progress, but to be honest I can't really make sense
of what it means. Both the server and the client had 'fragment 1300'
in the configs - which I didn't include in my post as I assumed t
Hi Selva,
On 23/09/22 15:48, Selva Nair wrote:
Having said that, I took another look at the routing table on the
Win10
client and noticed something odd. The only /32 routes I could find are
192.168.112.236 255.255.255.255 On-link
192.168.112.236 281
192
Hi Sebastian,
On 23/09/22 12:01, Sebastian Arcus wrote:
[...]
Hi and thank you again to both of you for the suggestions.
1. Running iperf3 as per instructions above to another machine on the
network, both in client and server mode, produces (nearly) gigabit
speeds - so the traffic is goin
On 22/09/22 20:00, Sebastian Arcus wrote:
[...]
the routing table looks OK to me, though I find the route
192.168.112.236 255.255.255.255 On-link
192.168.112.236 281
a little odd - it suggests a /32 route pointing to itself.
I just checked another Windows 10 machine, and i
Hi Sebastian,
On 22/09/22 17:49, Sebastian Arcus wrote:
On 22/09/2022 16:09, Jan Just Keijser wrote:
Hi,
On 22/09/22 16:06, Sebastian Arcus wrote:
I use openvpn on laptops to access the vpn server and the network
behind it. When the laptops are connected directly to the vpn server
home
Hi,
On 22/09/22 16:06, Sebastian Arcus wrote:
I use openvpn on laptops to access the vpn server and the network
behind it. When the laptops are connected directly to the vpn server
home network, to stop traffic going through the vpn, for years I've
used successfully the route metric directive:
Hi,
On 18/06/22 22:49, Ian Pilcher wrote:
I've got a simple OpenVPN setup that allows me to connect to my home
network while traveling. I am using the redirect-gateway option to
route all non-local traffic over the VPN when connected, but I haven't
yet been able to figure out how to ensure that
Hi,
On 12/05/22 18:35, Bo Berglund wrote:
On Thu, 12 May 2022 17:57:00 +0200, Gert Doering wrote:
Hi,
On Thu, May 12, 2022 at 12:00:13PM +0200, Bo Berglund wrote:
Is there a way I can switch on/off access for a specific client server side
"easily"?
Not really. Well, of course you can put
Hi,
On 14/04/22 12:42, me.meek...@yahoo.com wrote:
Hi, thank you so much @Jan Just Keijser, your response helped me alot
however, something is still not quite right
I’ve cleared the UDP rules and managed to get a steady connection with CCD enabled on the raspi client
From the server I can
Hi,
On 12/04/22 13:26, me.meekone--- via Openvpn-users wrote:
Hi guys, I have a rather simple issue but I cannot get it working
Atm I have a VPS acting as the OpenVPN server and a OpenVPN client
running on my home lan
All works well and the VPN is solid until I’m advertising the
Hi there,
On 10/03/22 11:51, Jakob Curdes wrote:
Hello all,
we are trying to implement 2FA for several existing Firebox SSL VPNs
(which essentially uses OpenVPN on server and client side). The remote
users all use the Windows OpenVPN client. This works perfectly without
2FA, and it works al
e forwarded yet.
cheers,
JJK / Jan Just Keijser
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Hi Eike,
On 08/03/22 10:48, Eike Lohmann wrote:
Hi Jan,
thank you for your reply.
I will comment also inline below and will describe what we do with
openvpn.
We are connecting devices (e.g. mobile router with sim) via openvpn
(in tun mode only) for our customers and create "vpns" on our pl
Hi Eike,
see comments/answers inline below
On 04/03/22 11:35, Eike Lohmann wrote:
Hi,
since 2006 we are using openvpn in topology net30, use all rfc1918
networks and configure the openvpn server process like this:
ifconfig 172.16.0.1 172.16.0.2
topology net30
and clients like this:
ifconfi
For the record:
On 20/02/22 22:43, Bo Berglund wrote:
On Sun, 20 Feb 2022 21:54:44 +0100, Gert Doering wrote:
[...]
That depends on the CPU in that box, and the SSL library in use.
I am considering exchanging the remote router for a newer model (Asus RT-AC86U)
with more computing power...
On 12/02/22 21:49, Bo Berglund wrote:
On Sat, 12 Feb 2022 19:54:20 , tincantech via Openvpn-users
wrote:
regarding your bottleneck, try iperf3 without the VPN but across the real
internet.
Hm,
That would entail having a way to enter my home LAN in a similar way as with
VPN, right?
I do have
Hi,
On 11/02/22 15:30, Bo Berglund wrote:
On Fri, 11 Feb 2022 14:44:05 +0100, Jan Just Keijser wrote:
EXPERIMENT
--
I installed the nfs server on a RaspberryPi on the 119 LAN and used the same
kind of exports entry:
/mnt/nfs 192.168.116.0/22(rw,sync,no_subtree_check)
After the
Hi Bo,
On 11/02/22 13:29, Bo Berglund wrote:
On Fri, 11 Feb 2022 08:03:05 +0100, Gert Doering wrote:
Hi,
On Fri, Feb 11, 2022 at 01:02:18AM +0100, Bo Berglund wrote:
sudo mount 192.168.119.216:/home/bosse/www/VIDEO /mnt/video
mount.nfs: access denied by server while mounting
192.168.119.216
Hi,
On 02/02/22 15:47, Antonio Quartulli wrote:
Hi,
On 02/02/2022 14:02, Emanuel Gonzalez wrote:
Hi everyone
I’m trying to start a VPN connection through a shell script but I
can’t run it in background, I’ve tried with:
sudo openvpn --config "/home/user/config.ovpn" &
sudo openvpn --config
On 15/12/21 18:01, Gert Doering wrote:
Hi,
On Wed, Dec 15, 2021 at 04:30:43PM +, tincantech via Openvpn-users wrote:
-BEGIN PGP SIGNED MESSAGE-
It seems only fair to warn the OpenVPN community that Version 2.5.5 has had
bugs identified.
A new release v2.5.6 is planned for the comin
"if your local proxy is running unsupported legacy code in an
unsecure setup,
then you will have to resort to openvpn 2.4.x "
or similar.
BTW, do you know who worked on the obfuscation/transport API stuff? Was
that David S?
cheers,
JJK / Jan Ju
Hi Aleksandar,
On 01/12/21 20:23, Aleksandar Ivanisevic wrote:
On 1. Dec 2021, at 18:48, Gert Doering wrote:
You might have hit that subnet in the pool, and then decided "I want to
make it static", picking the same subnet for ccd/
Yes, that’s exactly what happened, but I’ve just checked the
Hi,
On 29/11/21 17:46, Gert Doering wrote:
On Mon, Nov 29, 2021 at 12:12:39PM +, Alexander Franklin wrote:
1. Is it possible for client configs to have/Server configs to push out
multiple IP addresses to particular clients? This would be brilliant if
this was an option, as I cou
Hi Rui,
On 15/11/21 17:32, Rui Santos wrote:
Hello everyone,
I'm trying to design a setup where I define 2 servers for a particular
client to connect to, basically 2 remote directives within the same
client config file.
Up until now, it works by:
- defining explicit-exit-notify 2 on the clie
Hi,
On 04/07/21 20:43, Thibault JY Derrien wrote:
Dear OpenVPN community,
I'm writing as I obtain a systematic freeze on a production machine
today. Problem is that is gets frozen systematically few seconds after
connection. It is not the first time and seem to be random. This is
preventing
On 09/06/21 17:55, Nikolaos Milas wrote:
Hello,
We are using a LogTraffic.sh script to log client stats at disconnect:
client-disconnect scripts/LogTraffic.sh
This script logs (among other) the assigned IPv4 and IPv6 addresses,
configured in a ccd file as follows for a specific user:
Hi,
On 04/06/21 12:20, Aleksandar Ivanisevic wrote:
On 3. Jun 2021, at 14:36, Jan Just Keijser <mailto:janj...@nikhef.nl>> wrote:
from reading the 2.5.1 sources I cannot find any environment
variables being set that reflect the "incoming" IP address or
interface; I woul
Hi,
On 03/06/21 17:30, Fermin Francisco via Openvpn-users wrote:
Good morning!
How can I make openvpn clients (Linux clients) surf the internet
through openvpn using the public ip of the openvpn server (the openvpn
server is on Windows)?And also that emails using Thunderbird can work
with th
Hi,
On 02/06/21 23:07, Aleksandar Ivanisevic wrote:
is there a way to figure out which client is connected to which IP address
(i.e. interface) other than to grep the logs?
I have a multihomed system where one uplink is of higher quality than the
others and I would like to keep the more impor
Hi,
On 31/05/21 11:29, Bo Berglund wrote:
Say that I have a tunnel-only OVPN configuration to enable clients to "reach"
each other using client-to-client directive on the OVPN server.
If I connect two Linux clients to the tunnel and one has a webserver running,
will the website be available to
On 27/05/21 12:33, Bo Berglund wrote:
I am a bit confused about how the ccd mechanism works...
Say that I want to assign a limited number of clients with specific tunnel
addresses, whereas the other connecting clients will use dhcp provided
addresses.
In the server.conf file I have this:
server
Hi,
On 27/05/21 12:42, Bo Berglund wrote:
On Thu, 20 May 2021 12:04:27 -0400, Selva Nair wrote:
the OP did not follow up, so here it is:
https://forums.openvpn.net/viewtopic.php?f=10&t=32300
The user wants to automatically disconnect a connection when another
one using a different config is
Hi,
On 05/05/21 01:20, Bo Berglund wrote:
On Sun, 2 May 2021 19:17:26 +0200, Gert Doering wrote:
Now, for "client A talks to client B", there's a catch - if you put
"client-to-client" into the openvpn server config, OpenVPN will forward
the packets directly, bypassing tun0 firewalls. Without
Hi,
On 03/05/21 12:12, Gert Doering wrote:
On Mon, May 03, 2021 at 12:01:04PM +0200, Jan Just Keijser wrote:
I would expect this to do the same thing it would do for the "non proxy"
case - install a host route to the existing default gateway so packets
to the server (and with pro
Hi,
On 01/05/21 11:03, Gert Doering wrote:
On Fri, Apr 30, 2021 at 09:15:07PM +, tincantech via Openvpn-users wrote:
Ref: https://forums.openvpn.net/viewtopic.php?f=6&t=32193#p99021
(This also applies to --http-proxy)
The question is, how/what does openvpn do in the case that the client
i
Hi,
On 20/04/21 20:05, Selva Nair wrote:
On Tue, Apr 20, 2021 at 6:47 AM Jan Just Keijser wrote:
[...]
This is surprising. SoftHSM would support raw RSA signatures and hence
should work with OpenVPN + pkcs11-helper 1.26 and later even with TLS
1.3 and PSS signatures. The problem should
Hi Selva,
On 19/04/21 19:01, Selva Nair wrote:
Hi JJK,
On Mon, Apr 19, 2021 at 7:19 AM Jan Just Keijser <mailto:janj...@nikhef.nl>> wrote:
Hi Selva,
On 15/04/21 20:20, Selva Nair wrote:
> [...]
>>
>>
>> Another thing I am not clear o
Hi Selva,
On 15/04/21 20:20, Selva Nair wrote:
[...]
Another thing I am not clear on, is where the cert signature type is set
/ required. I am guessing the entire chain needs to be at least SHA256
right ? PKI's CA CRT, CSR, signed CRT ?
We are referring to the signature algorithm set in
On 08/04/21 16:37, Gert Doering wrote:
Hi,
On Thu, Apr 08, 2021 at 03:49:56PM +0200, Jordan Borgner wrote:
I'm facing a situation in which a client can't connect to the server
because an old connection of him is still apparent. So it still listed
in it's status file and the server still tries t
Hi,
On 15/03/21 05:05, Eric Schoeller wrote:
Hello,
I've been an OpenVPN user for about 15 years, but I am brand new to
the mailing list.
I am building a redundant monitoring system (naemon+merlin) and I
would like to establish a means to connect three distributed
monitoring machines over
Hi,
On 11/03/21 00:16, tincanteksup wrote:
On 09/03/2021 15:48, Gert Doering wrote:
Hi,
On Tue, Mar 09, 2021 at 03:33:56PM +, tincanteksup wrote:
what is the final effect of using `--mssfix 0` in a client
config ?
What I mean is, how would openvpn interpret this and what would
it tell
On 25/02/21 08:12, Marc SCHAEFER wrote:
On Wed, Feb 24, 2021 at 10:49:56PM +, tincanteksup wrote:
My idea (as daft as it is) would only serve one purpose: To hide a
listening TCP port. Because there would be no SYN-ACK from the server if
the SYN failed security checks.
This is what port
Hi Dante,
On 23/02/21 18:01, Dante F. B. Colò wrote:
Hi everyone !!
I'm looking for some better way to generate a report of users sessions
only to get info when they start and end a session , currently i do it
with a shell script that looks for lines in the openvpn log file when
someone con
Hi,
On 08/01/21 12:37, Gert Doering wrote:
Hi,
On Fri, Jan 08, 2021 at 11:33:38AM +0100, Ralf Hildebrandt wrote:
We have a flock of openvpn Servers. We're using DNS round robin
(openvpn.charite.de).
Currentlym we have
421 clients on machine 0
465 clients on machine 1
598 clients on machine 2
he OpenSSL binary for you... Remember that the easy-rsa scripts are
merely wrappers around OpenSSL.
HTH,
JJK
On 02/11/2020 16:27, Jan Just Keijser wrote:
Hi,
On 02/11/20 16:32, Stephen wrote:
Hi everyone, the Easy-RSA forums directed me to this mailing list
for support questions. Hopefully so
Hi,
On 02/11/20 16:32, Stephen wrote:
Hi everyone, the Easy-RSA forums directed me to this mailing list for
support questions. Hopefully someone here will be able to help me.
I have successfully created an EasyRSA 3 based PKI CA as described in
the standard tutorials on this topic. This curre
Hi Leroy,
On 08/10/20 00:58, Leroy Tennison via Openvpn-users wrote:
We use OpenVPN but are getting requests from customers for IPSec. In
doing research I came across a reference stating the OpenVPN
development team has "subscribed to" some standard for secure
development but, of course, now
Hi,
On 29/07/20 06:55, Peter Fraser wrote:
HI All
I set up my OpenVPN Server for IT access but now everyone seems to
love and I have to be allowing more and more persons. I wonder, is
there a way to prevent one user from accessing a particular route that
is listed in the global config file.
Hi,
On 22/07/20 13:32, Richard Hector wrote:
On 21/07/20 11:23 pm, Jan Just Keijser wrote:
Hi Richard,
On 19/07/20 12:04, Richard Hector wrote:
That's what I couldn't manage - a p2p network (no client or server)
using certificates. In the end I concluded it couldn't be done, b
On 21/07/20 13:16, Jan Just Keijser wrote:
Does --keepalive work in p2p mode ?
yes it does.
as a minor followup: as the manual page states
--keepalive 10 60
translates to
if mode server:
ping 10 # Argument: interval
ping-restart 120 # Argument
Hi Richard,
On 19/07/20 12:04, Richard Hector wrote:
[...]
This is also why I never really considered the static key p2p mode when
implementing these new unit files. The advantage of these unit files are
essentially that they add more hardening outside of OpenVPN as well and the
server side wi
Hi,
On 01/07/20 14:51, Marco De Vitis wrote:
Hi,
I use OpenVPN client 2.4.9 on Windows 10 (v2004), and I have issues
with the Network Location Awareness (NLA) Windows service.
The issue is essentially described here, even though it dates back to
Windows 7:
https://docs.microsoft.com/it-it/a
Hi,
On 19/06/20 00:02, Calvin Zachman wrote:
Hi openvpn-users,
Is it possible for multiple VPN clients on the same LAN to expose the
same remote subnets to other connected clients?? I would like to run 2
VPN client instances on the same LAN exposing the same subnets (same
iroutes) for some le
Hi,
On 03/06/20 19:46, Andrea wrote:
On 03/06/2020 09:04, Jan Just Keijser wrote:
On 03/06/20 09:55, Andrea wrote:
On 02/06/2020 11:59, Jan Just Keijser wrote:
most likely you are using openvpn-systemd-resolved for this - if
so, check the script
/etc/openvpn/update-systemd-resolved
to
On 03/06/20 09:55, Andrea wrote:
On 02/06/2020 11:59, Jan Just Keijser wrote:
most likely you are using openvpn-systemd-resolved for this - if so,
check the script
/etc/openvpn/update-systemd-resolved
to see how it works. The OpenVPN binary itself does not do anything
with the received
Hi,
On 31/05/20 22:43, Andrea wrote:
Hi
I am using one of the express vpn configuration files and I have at
times issues with DNS.
Ubuntu 20.04
I simply call
sudo openvpn --config xyz
and most of the times it magically works. I am not sure how, but
routes and dns get set correctly.
In so
On 06/05/20 21:39, Gert Doering wrote:
On Mon, May 04, 2020 at 02:49:56PM +0200, Dajka Tamás wrote:
is it possible to disable "auth-nocache" in the client by a PUSH message? I
mean, if the "auth-nocache" is SET in the client.conf to "reenable"
credentials caching. What's the logic behind? When w
Hi,
On 04/05/20 14:49, Dajka Tamás wrote:
Hi,
is it possible to disable „auth-nocache” in the client by a PUSH
message? I mean, if the „auth-nocache” is SET in the client.conf to
„reenable” credentials caching. What’s the logic behind? When we
deployed the clients we did set ’auth-nocache’
Hi Gert,
On 29/04/20 13:11, Gert Doering wrote:
Hi,
On Wed, Apr 29, 2020 at 12:45:26PM +0200, Gert Doering wrote:
On Wed, Apr 29, 2020 at 12:25:02PM +0200, Jan Just Keijser wrote:
in other words, OSPF is not UDP or TCP based and hence will not easily
work over routed tunnels - which makes
On Wed, Apr 29, 2020 at 09:03:20AM +0200, free...@tango.lu wrote:
Ok so after a bit of research and finding half baked articles such as:
https://superuser.com/questions/1283125/proper-configuration-for-quagga-ospf-on-an-openvpn-network
Which makes me think OSPF is only possible with the old ta
Hi,
On 29/04/20 03:26, Erich Titl wrote:
Hi
Am 29.04.2020 um 00:45 schrieb Leroy Tennison via Openvpn-users:
I had a situation today where i was asked "telnet to the port, see if it
connects" to check their firewall configuration. I realize this isn't
going to work because telnet is tcp and t
route, I have it activated on the server, if
I have noticed that when I deactivate the public firewall, it ping
and reach the shared resources, I will try this option. Thank you
El vie., 24 abr. 2020 a las 9:49, Jan Just Keijser
(mailto:janj...@nikhef.nl>>) esc
Also, if you want to ping a host other than the VPN server ensure that
IP forwarding is enabled on the VPN server.
HTH,
JJK
El jue., 23 abr. 2020 a las 10:31, Jan Just Keijser
(mailto:janj...@nikhef.nl>>) escribió:
Hi Fernando,
On 22/04/20 08:52, Fer Nando wrote:
Hi Fernando,
On 22/04/20 08:52, Fer Nando wrote:
Good afternoon I have an openvpn server mounted on windows 10, I have
published the network with push route to access the server network
since I have a computer with shared resources.
the client connects perfectly to 10.8.0.1 (server) and I pi
Hi Arne,
On 22/04/20 10:13, Arne Schwabe wrote:
SSL_check_chain() function".
Which we don't, I just grepped through our source tree.
So, unless I misunderstand something about OpenSSL intricacies, I think
we're safe - no new installers needed, and OpenVPN is not in risk.
the advisory applie
Hi Gert,
On 21/04/20 20:59, Gert Doering wrote:
Hi,
On Tue, Apr 21, 2020 at 08:37:35PM +0200, Gert Doering wrote:
On Tue, Apr 21, 2020 at 02:15:43PM -0400, mike tancsa wrote:
Will the sec issue with OpenSSL force a new release of OpenVPN ?
https://www.openssl.org/news/secadv/20200421.tx
elopments in a crypto lib
(like GCM modes and AEAD ciphers) take such a long time to get added to
OpenVPN.
I don't quite grap why chacha20 is not available in OpenVPN - it seems
to be "just another" AEAD cipher, but I am sure that Steffan can shed
light on this.
more than a Linux kernel module that only does
encryption using some form of preshared keys (TLS is a no-no). OpenVPN
is a user-space application that does way more than that, all based on
TLS. Someone asking you to use the same encryption settings in openvpn
as in wireguard is similar
Hi,
On 02/04/20 11:55, Thomas Luening wrote:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 10 (buster)
Release: 10
Codename: buster
$ openvpn --version
OpenVPN 2.4.8 armv7l-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO]
[LZ4]
On 30/03/20 15:38, Ralf Hildebrandt wrote:
passtos is a "forwarding" option, that is with --passtos set then the type
of service of all traffic that comes in on the OpenVPN encrypted channel is
copied over to the forwarded traffic leaving the outgoing interface (usually
the ethernet interface). H
hi Ralf,
On 30/03/20 13:53, Ralf Hildebrandt wrote:
Does the passtos option need to be set BOTH on the server and client?
passtos is a "forwarding" option, that is with --passtos set then the
type of service of all traffic that comes in on the OpenVPN encrypted
channel is copied over to the for
On 25/03/20 18:15, Fer Nando wrote:
good afternoon, i am setting up openvpn server on windows 10 and
windows 7 openvpn client.
I create the certificates, the ta.key, disable firewall, antivirus,
redirect port 1194 to the ip of the server computer. in the client I
deactivate the firewall and ant
Hi Hans,
On 13/02/20 10:15, Hans via Openvpn-users wrote:
Hi all,
Is there anyone around here, that performed a measurement what the
impact is of doing http-encapsusation (http-proxy) with openvpn?
My case:
- Client & servers are on a (huge) LAN
- client is 2.4.6, servers are 2.4.7
- Se
Hi,
On 11/02/20 12:06, Reto Schneider wrote:
On 2/10/20 5:23 PM, Jan Just Keijser wrote:
the line
push "dhcp-option DNS 10.176.0.1"
is the main suspect here... my guess as to what happens is this:
1) VPN is started
2) that line causes the local /etc/resolv.conf file to be overwr
Hi,
On 10/02/20 12:00, Reto Schneider wrote:
Hello,
I am observing the behavior of OpenVPN 2.4.7 trying to connect to IP
addresses it never should. The devices it is running on are Yocto based,
embedded, 32bit MIPS and deployed in remote networks which are not under
my control.
1) OpenVPN conn
On 03/02/20 02:12, Leslie Rhorer wrote:
Hello.
I have set up a new openvpn server with (at the moment) one
client. The client is connecting and I can ping or ssh into the
remote machine using the VPN subnet on the server, but the IP address
assigned to the client is not the one I wan
On 14/01/20 08:47, free...@tango.lu wrote:
Hello,
What is causing the following warning in the logs and what is the best
mode using on point2point links?
Normally in my previous setups I was using CCD based configs on the
servers with named config files per client. However in this setup I
w
Hi,
On 28/12/19 09:09, Leroy Tennison via Openvpn-users wrote:
Running OpenVPN 2.3.10 on Ubuntu 16.04 using a working configuration
with only the "script-security" and "client-connect" lines added.
Starting the OpenVPN server with systemctl starts it successfully and
a client can connect but
Hi Ralf,
On 07/11/19 16:20, Ralf Hildebrandt via Openvpn-users wrote:
We're (finally) running OpenVPN-2.4.8 on new(er) hardware. How can we
see if it is using the CPU based hardware crypto?
Nov 7 16:00:21 openvpn2019 tcp[704]: OpenVPN 2.4.8 x86_64-pc-linux-gnu [SSL
(OpenSSL)] [LZO] [LZ4] [EPO
On 06/11/19 15:14, Gert Doering wrote:
Hi,
On Wed, Nov 06, 2019 at 02:58:22PM +0100, David Sommerseth wrote:
We discussed last year at the hackathon a possibility to add a kind of plugin
interface to exchange the PRF with something else. Another option would be to
have a new --prf option to be
Hi David,
I am not entire sure I agree 100% with you ;)
See my comments below.
On 05/11/19 23:23, David Sommerseth wrote:
On 05/11/2019 11:09, Thomas Luening wrote:
Hello
I hope you can help me with the answers for 2 theoretical questions. When I
open a new OpenVPN session, an asymmetric RSA
Hi,
On 04/10/19 11:34, Lionel Fusco via Openvpn-users wrote:
I have barely recently begun trying this "feature," of getting files
remotely, as if I were on the LAN.
So far, it's too slow to be useful. I have SMB2+, I think 3 even.
My server (vpn) connection is solid, my current location connec
Hoi Hans,
On 15/10/19 09:26, j.witvl...@mindef.nl wrote:
Hi all,
We are about to change from one smartcard towards another, and our
team has been asked to verify whether it is compliant with some of the
applications we are responsible for.
Initially I was pretty confident that it would be
Hi there,
On 24/09/19 08:40, free...@tango.lu wrote:
Hello List,
Inconsistency is really pissing me off and I want to understand the
root cause. I have a dual xeon server on gigabit running OpenVPN 2.2.1
(sorry for the old version I will not upgrade, this working since many
years).
As clie
Hi Lorenz,
On 07/08/19 21:35, Lorenz wrote:
Huge thanks to both of you! I really appreciate you trying to help me.
On 8/6/19 5:59 PM, Jan Just Keijser wrote:
as you stated: your bridged setup is working, and your clients in
network B get their DHCP addresses from the server in network A. The
Hi Lorenz,
On 04/08/19 22:39, Lorenz wrote:
The network setup got scrambled in my previous email, so I made a
screenshot and attached it.
as you stated: your bridged setup is working, and your clients in
network B get their DHCP addresses from the server in network A. The
only thing miss
On 26/07/19 09:32, Stefan Szabo via Openvpn-users wrote:
hi,
is this option deprecated?i get this error on my client Tunnelblick
3.8.0 (build 5370)
on the server side i have the option *push “remote-gateway x.x.x.x"*
2019-07-26 09:55:52.430089 Options error: Unrecognized option or
missing o
On 24/07/19 12:29, Jan Just Keijser wrote:
On 23/07/19 19:11, Stephen Reese wrote:
Let me dive into this deeper, but this did not use to happen -
I've used CentOS 6+7 icw OpenVPN for years , including
client-connect scripts and have never seen coredumps like that.
Ar
Hi,
On 23/07/19 19:11, Stephen Reese wrote:
Let me dive into this deeper, but this did not use to happen -
I've used CentOS 6+7 icw OpenVPN for years , including
client-connect scripts and have never seen coredumps like that.
Are you using selinux? auditing? what is your policy
On 22/07/19 23:52, Stephen Reese wrote:
It's stock OpenVPN from the website but the CentOS image [1] does have
FIPS enabled which appears to have caused the problem. I disabled FIPS
on the CentOS 7 system using the following:
|yum remove dracut-fips\* dracut --force grubby --update-kernel=ALL
1 - 100 of 537 matches
Mail list logo
