Hi, On Thu, 27 Aug 2020 at 06:39, William Muriithi <will...@perasotech.com> wrote: > I have a client that has an old openVPN client that can't currently connect > to the server because he doesn't meet the minimal TLS version. I would > rather not lower the TLS version on the server side for all the clients and > was wondering if its possible to allow just one client with a lower TLS > version. > > Can one use client-config-dir to provide a client with a unique TLS version > to use between the server and the client?
That's not possible, because the ccd files are parsed *after* the TLS handshake has occurred. It would indeed be nice to not reduce tls-version-min for all clients, but the way out would rather be to upgrade your old client. Or if you must, run a second OpenVPN instance for legacy clients with a different tls-version-min. -Steffan _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users