[Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
If anyone out there is running 1.5-beta5 or later on OpenBSD, FreeBSD, NetBSD, Mac OS X, or Linux 2.2, please let me know. I want to make sure that 1.5 is tested on everything before 1.5 final is released. Thanks, James
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
James Yonan wrote: If anyone out there is running 1.5-beta5 or later on OpenBSD, FreeBSD, NetBSD, Mac OS X, or Linux 2.2, please let me know. i test it today in the following conf: linux 2.4 (openvpn 1.3) <-> openbsd 3.2-stable (beta): ping OK linux 2.4 (1.3 or beta) <-> windows2k (beta): problem on linux side with tap # /tmp/openvpn-1.5-beta6/openvpn --cd /etc/openvpn/ --config vpn10.conf [ snip ] Tue Aug 19 15:06:55 2003 6: Data Channel MTU parms [ link_mtu=1609 extra_frame=45 extra_buffer=19 extra_tun=64 ] Tue Aug 19 15:06:55 2003 7: TUN/TAP device tap0 opened Tue Aug 19 15:06:55 2003 8: tap0 is not a tun device. The --ifconfig option works only for tun devices. You should use an --up script to ifconfig a tap device. Tue Aug 19 15:06:55 2003 9: Exiting note than /dev/tunX exist but no /dev/tapX vpn10.conf: dev tap0 remote 192.168.2.10 ifconfig 10.0.3.2 10.0.3.1 up ./tap.up secret key/test.txt user nobody group nogroup comp-lzo ping 15 verb 3 tun-mtu 1500 tun-mtu-extra 6 i will try to test it on openbsd 3.4-beta for the end of the week. Regards Julien
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
works well with openbsd 3.4-beta question regarding windows openvpn (thanks a lot for this :), is it possible to have some script executed (like add a route for the other side subnet) ? Regards Julien
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
> question regarding windows openvpn (thanks a lot for this :), is it > possible to have some script executed (like add a route for the other > side subnet) ? I'm thinking about something like this in a more generalized context, where OpenVPN running as a server would actually generate the config file for the client, and send it to the client via SSL after an initial authentication handshake. This would simplify the configuration on the client side, and allow the server to send routes back to the client. James
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
On Sun, 31 Aug 2003, James Yonan wrote: > I'm thinking about something like this in a more generalized context, where > OpenVPN running as a server would actually generate the config file for the > client, and send it to the client via SSL after an initial authentication > handshake. This would simplify the configuration on the client side, and > allow the server to send routes back to the client. I wonder if this could be extended to a general configuration handshake, where the client could opt out of some options, for example LZO compression or tun vs. tap. (One should think the client would always want to compress data to avoid redundancy-based or "known-plaintext" attacks on the encrypted connection, but anyways.) -- Matthias Andree Encrypt your mail: my GnuPG key ID is 0x052E7D95
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
James Yonan wrote: I'm thinking about something like this in a more generalized context, where OpenVPN running as a server would actually generate the config file for the client, and send it to the client via SSL after an initial authentication handshake. This would simplify the configuration on the client side, and allow the server to send routes back to the client. one extra could be: for a client side hidden behind a gateway (so no public ip) could contact and establish a vpn with a public box. would it be possible without any relay on the client gateway ? Regards Julien
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
julien Touche wrote: one extra could be: for a client side hidden behind a gateway (so no public ip) could contact and establish a vpn with a public box. would it be possible without any relay on the client gateway ? finally, what about this question ? do you think it is possible ? thanks & regards Julien
Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X
James Yonan wrote: If you are asking if OpenVPN works with NAT, the answer is yes. not really, would be more: does it work with one host having a remote publiv vpn server and the server treating with anyone having pass/cert without knowing its ip and not being able to join host ? setup like this host1 <- private network -> gateway1 <- internet -> host2 want a vpn between host and host2. host1 has no public ip so it is able to join any public internet server like host2 but not the reverse if there is no established conn before. is it sufficient for openvpn or not ? in this setup, host2 cannot initiate conn to host1 (right ?), but host1 can. Regards Julien