>On Tue, 22 Aug 2023 08:20:24 + (UTC), Jason Long via Openvpn-users
> wrote:
>Yes. The file under the CCD directory is exactly as the Common Name of the
>client.
>So if you have set a requirement for the client to have a ccd entry in order to
>connect and this client ha
>Hi,
On Wed, Aug 23, 2023 at 06:41:35AM +0000, Jason Long via Openvpn-users wrote:
> Hello,
> My server and client use range 10.0.2.X:
>
> Server: 10.0.2.15
> Client: 10.0.2.16
>If this is the "outside" IP (LAN NIC) that client and server use to
>setup a VP
Hello,With the help of the following command, you can revoke a certificate:
# ./revoke-full "Client_Name"
Now if you change your mind, is it possible to use that certificate again? Is
there a command to validate a revoked certificate?
Thank you.___
Op
On 25.08.23 21:41, Jason Long via Openvpn-users wrote:
> Hello,With the help of the following command, you can revoke a certificate:
> # ./revoke-full "Client_Name"
> Now if you change your mind, is it possible to use that certificate again?
> Is there a command to validate
On Sat, 26 Aug 2023 05:32:56 + (UTC), Jason Long via Openvpn-users
wrote:
>On 25.08.23 21:41, Jason Long via Openvpn-users wrote:
>> Hello,With the help of the following command, you can revoke a certificate:
>> # ./revoke-full "Client_Name"
>> Now if you chan
>On 26.08.23 07:32, Jason Long wrote:
> 1- How do you give keys to a large number of clients? Suppose there are
> 1000 employees in a company, do all employees have to go to the IT
> department of that company to get the client keys?
>Certificates are technical proof that the CA trusts the h
On Sun, Aug 27, 2023 at 1:33 PM, Jochen Bern
wrote: On 27.08.23 07:49, Jason Long wrote:
> 1- When a key is generated, how many days is the default time for it to
> expire?
>Whatever your configuration files say. And >frankly, just generating one
>and *looking* at it might tell you *even fas
Hello,
Why in the OpenVPN log, I see the following line:
Protocol options: explicit-exit-notify 1, protocol-flags cc-exit tls-ekm
dyn-tls-crypt
Thank you.
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.n
Hello,
I configured OpenVPN to use the username and password for authentication, but I
need to have the "ca.crt", "cert server.crt", "server.key" and "dh.pem"
certificates.
So, what's the advantage of using this authentication method when I still need
to use these keys?
Thank you.
___
>On 30/08/2023 07:45, Jason Long via Openvpn-users wrote:
> Hello,
> I configured OpenVPN to use the username and password for authentication, but
> I need to have the "ca.crt", "cert server.crt", "server.key" and "dh.pem"
> certificates.
On Wed, Aug 30, 2023 at 5:36 PM, Gert Doering
wrote: >Hi,
>On Wed, Aug 30, 2023 at 01:53:40PM +0000, >Jason Long via Openvpn-users wrote:
> Thank you so much for your reply.
> As I understand, The "ca.crt" and "ta.crt" keys >are mandatory. I disabled
>
Hello,
I installed the openvpn-auth-ldap package and I want to use the Active
Directory for authentication.
I Opened Active Directory Users And Computers. Clicked the View menu and
selected Advanced Features. After it, I right-clicked on my username and
selected the Properties, then clicked the
Hello,
I have two VMs in VirtualBox and selected the NAT Network type for their
networking.
For both VMs, I configured the network manually. On Server (Debian) my network
configuration is:
enp0s3: flags=4163 mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
in
>Hi,
>On Sat, Sep 02, 2023 at 11:44:08AM +, Jason Long via Openvpn-users wrote:
> I connected to the server, but default gateway not set:
>
> Unknown adapter OpenVPN TAP-Windows6:
>
> Connection-specific DNS Suffix . :
> Link-local IPv6 Address . . . . . : f
Hello,
When I use "server 10.8.0.0 255.255.255.0" in the Server.conf file, then
OpenVPN assigns IP addresses to clients respectively. What should I do if I
want to assign a specific IP address to a client with a specific computer name
or MAC address?
Thank you.
__
>Le 03/09/2023 à 08:48, Jason Long via Openvpn-users a écrit :
> Hello,
> When I use "server 10.8.0.0 255.255.255.0" in the Server.conf file, then
> OpenVPN assigns IP addresses to clients respectively. What should I do if I
> want to assign a specific IP >address
On Sun, Sep 3, 2023 at 5:38 PM, Bruno Tréguier via Openvpn-users
wrote: Le 03/09/2023 à 15:23, Jason
Long a écrit :
> Hello,
> As I said, I have some scenario and I want to >learn more.
>By abusively relying on others? Strange way to >achieve your goals.
> Do you mean "ccd-exclusive"? If ye
>Le 03/09/2023 à 15:23, Jason Long a écrit :
> Hello,
> As I said, I have some scenario and I want to learn more.
>By abusively relying on others? Strange way to achieve your goals.
> Do you mean "ccd-exclusive"? If yes, then I edited the Server.conf as below:
>
> ifconfig 20.1.0.1 255.255.255.0
>On Sun, 03 Sep 2023 15:39:56 +, tincantech via Openvpn-users
wrote:
>Your continued use
>of this mailing list as an alternative to reading any documentation
>has not gone unnoticed.
>+1
>And it should result in *everyone* to stop responding to this list spammer who
>does not care reading t
>Hi,
>On 03/09/2023 20:50, Jason Long via Openvpn-users wrote:
> I read those steps from an OpenVPN document. Can you tell me where
> the problem is?
>There is no problem.
>It is simply not possible to "configure" OpenVPN to assign an IP address
>based o
>On 03/09/2023 15:23, Jason Long via Openvpn-users wrote:
>
> Hello,
> As I said, I have some scenario and I want to learn more.
>Have you ordered any of the books you've been recommended? Have you
>read any of them?
>I would say you are pretty closed to gettin
>On 03/09/2023 15:23, Jason Long via Openvpn-users wrote:
>
> Hello,
> As I said, I have some scenario and I want to learn more.
>Have you ordered any of the books you've been recommended? Have you
>read any of them?
>I would say you are pretty closed to gettin
>Hi,
On Sun, Sep 03, 2023 at 06:05:09AM +, Jason Long wrote:
> push "route 10.0.2.0 255.255.255.0 10.0.2.2 1"
> push "dhcp-option DNS 172.20.1.2"
> push "dhcp-option DNS 172.20.1.7"
> push "redirect-gateway autolocal"
>This *should* install a default gateway, but if it doesn't, check the
>cli
Hello,I have two questions:1- When someone connects to an OpenVPN server, is it
possible to be redirected to duckduckgo.com when trying to go to google.com?
2- How can I block access to certain websites?
Does OpenVPN offer such features?
Thank you.___
Hello,
My OpenVPN server started, but I got the following message in the "openvpn.log":
--user specified but lacking CAP_SETPCAP. Cannot retain CAP_NET_ADMIN.
Disabling data channel offload
My server.conf is:
port 2023
proto udp
dev tun1
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/Se
Hello,Is there a tool to measure the security of OpenVPN connection? Something
that tells if the security parameters used in the configuration file are
sufficient or not.
Thank you.___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
htt
Hello,
I was able to combine OpenVPN with Tor using
"https://gist.github.com/kremalicious/4c333c8c54fced00ab10c0a892a2304d";
tutorial.
When I connect to the OpenVPN network without a Tor, I can ping the computers
on the internal network by name, but with that configuration, I can't ping the
com
>On Saturday, November 4, 2023 at 05:31:40 PM GMT+3:30, tincantech
> wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>Hi,
>Your DNS server is non-local and you are most likely
>redirecting your gateway to the VPN.
>So, DNS packets for your DNS server are set into the
>tunnel and are f
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>Hi,
>--- Original Message ---
>On Monday, November 6th, 2023 at 12:26, Jason Long wrote:
>
>
> Hello,
> Thank you so much for your reply.
> Some lines of my server.conf file are:
>
> push "redirect-gateway def1 bypass-dhcp"
> push "d
>Hi,
>On Wed, Nov 01, 2023 at 05:16:52PM +, Jason Long via Openvpn-users wrote:
> Hello,Is there a tool to measure the security of OpenVPN connection?
> Something that tells if the security parameters used in the configuration
> file are sufficient or not.
>For TL
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>Hi,
>On Tuesday, 7 November 2023 at 05:27, Jason Long wrote:
>
>
> Hello,
> I added the following line to the server.conf file:
>
> push "route 172.20.0.0 255.255.255.0"
>
> Then, I restarted the OpenVPN service:
>
> # systemctl restart op
Hello,
Suppose the OpenVPN server is located in another country, but the DNS server is
inside the company. What options should be included in the server and client
configuration file?
Thank you.
___
Openvpn-users mailing list
Openvpn-users@lists.sour
> On 06/12/2023 11:09, Jason Long via Openvpn-users wrote:
> Hello,
> Suppose the OpenVPN server is located in another country, but the DNS server
> is inside the company. What options should be included in the server and
> client configuration >file?
>
> Thank you
Hello,
How can I download the Reference manual for OpenVPN 2.6
(https://openvpn.net/community-resources/reference-manual-for-openvpn-2-6/) as
a PDF file?
Thank you.
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sou
Hello,
If I want to use the "tls-crypt" option, then the "ta.key" must be a separate
file and it cannot be merged with the rest of the keys in one file. To be
honest, it is difficult to use for both computer and mobile users because it is
two files.
Is there a solution?
Thank you.
___
> On 11/12/2023 11:18, Jason Long via Openvpn-users wrote:
> Hello,
> If I want to use the "tls-crypt" option, then the "ta.key" must be a separate
> file and it cannot be merged with the rest of the keys in one file. To be
> honest, it is difficult to use
> You need to check the server log to understand what's going on.
> Cheers,
On December 12, 2023 6:59:40 AM GMT+01:00, Jason Long
wrote:
> > On 11/12/2023 11:18, Jason Long via Openvpn-users wrote:
>> Hello,
>> If I want to use the "tls-crypt" option, t
> Hi,
> On Tue, Dec 12, 2023 at 05:59:40AM +, Jason Long via Openvpn-users wrote:
> https://paste.mozilla.org/CwWTPPW0
> I'd guess it's the "key-direction" line getting in the way. Remove this
> from both client and server config.
> Also, you are
:13, Hans via Openvpn-users
> wrote:
>
>
>
> >
> > From: "Antonio Quartulli"
> > Date: Monday, 11 December 2023 at 12:02:33
> > To: "Jason Long" , "Tincantech via Openvpn-users"
> >
> > Subject: Re: [Open
Hello,My server and client configurations are as follows:
https://paste.mozilla.org/sR05JKfV
https://paste.mozilla.org/PxsW6MC8
Are these suitable in terms of security? Do you have any suggestions to improve
them?
Thank you.
___
Openvpn-users mailing lis
Hello,How can I change the 2048 bit OpenVPN static key to 4096?When generating
the Diffie-Hellman key, I chose it to be 4096 bits, are these two related?
Thank you.___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourcefo
>Hello,
>My server and client configurations are as follows:
>https://paste.mozilla.org/sR05JKfV
>https://paste.mozilla.org/PxsW6MC8
>Are these suitable in terms of security? Do you have any suggestions to
>improve them?
>Thank you.
___
>Openvpn-use
> hi,
> On Wed, Dec 27, 2023 at 09:48:34AM +, Jason Long via Openvpn-users wrote:
> >My server and client configurations are as follows:
>
> >https://paste.mozilla.org/sR05JKfV
>
> >https://paste.mozilla.org/PxsW6MC8
>
> >Are these suitable in terms o
101 - 143 of 143 matches
Mail list logo
