Hello Guys, sorry for the late reply.
Ok, I'll wait for the fix to retest.
Another question...
Inspecting the wintun interface through the properties I saw that on the
TCP/IPv4 Properties the default option selected is "Use the following IP
address" but the IP address and the Subnet mask were
Hi
On Tue, Aug 18, 2020 at 3:42 PM Gert Doering wrote:
> Hi,
>
> On Tue, Aug 18, 2020 at 03:29:19PM -0400, Selva Nair wrote:
> > > If you already have SYSTEM, accessing wintun from openvpn directly will
> > > also work and should bring quite a bit of speed improvement.
> >
> > I was wrong to
Hi,
On Tue, Aug 18, 2020 at 09:42:48PM +0200, Gert Doering wrote:
> Indeed, you are right. Somewhere on the track we lost the ability
> to do wintun "from OpenVPN" if we *have* SYSTEM.
commit 6d19775a468, I acked it, and I should have looked closer at
all the line that got removed...
Anyway.
Hi,
On Tue, Aug 18, 2020 at 03:29:19PM -0400, Selva Nair wrote:
> > If you already have SYSTEM, accessing wintun from openvpn directly will
> > also work and should bring quite a bit of speed improvement.
>
> I was wrong to assume that this just works. Looking at it again, the current
>
Hi,
On Tue, Aug 18, 2020 at 3:21 PM Gert Doering wrote:
> Hi,
>
> On Tue, Aug 18, 2020 at 12:09:11PM -0700, Marvin Adeff wrote:
> > I???m sorry for the confusing response.
> >
> > Our systems do M2M monitoring and need to run OpenVPN even without a
> user logged in. In previous versions we
Hi,
On Tue, Aug 18, 2020 at 12:09:11PM -0700, Marvin Adeff wrote:
> I???m sorry for the confusing response.
>
> Our systems do M2M monitoring and need to run OpenVPN even without a user
> logged in. In previous versions we created a script run as a service (as
> SYSTEM) that started OpenVPN
Hi Gert,
I’m sorry for the confusing response.
Our systems do M2M monitoring and need to run OpenVPN even without a user
logged in. In previous versions we created a script run as a service (as
SYSTEM) that started OpenVPN (using certificates for authentication). It also
monitored tunnel
Hi,
On Tue, Aug 18, 2020 at 08:55:31AM -0700, Marvin Adeff wrote:
> > An additional check in openvpn.exe whether it's started as SYSTEM could be
> > useful as well, but less critical, IMO.
> Yes Please! We run 2500+ systems that run it this way as SYSTEM.
"this way" is quite a bit unclear
>
>
>
> An additional check in openvpn.exe whether it's started as SYSTEM could be
> useful as well, but less critical, IMO.
>
> Yes Please! We run 2500+ systems that run it this way as SYSTEM.
>
In most such cases (not using the GUI) one could use the automatic service
which runs as SYSTEM. For
Hi,
> An additional check in openvpn.exe whether it's started as SYSTEM could be
> useful as well, but less critical, IMO.
Yes Please! We run 2500+ systems that run it this way as SYSTEM.
Marvin ___
Openvpn-devel mailing list
Hi
On Tue, Aug 18, 2020 at 2:33 AM Gert Doering wrote:
> Hi,
>
> On Tue, Aug 18, 2020 at 08:23:35AM +0200, Gert Doering wrote:
> > This can also happen if you run the GUI with admin privs (because then
> > it will not use the iservice *but* openvpn needs *more* privs than
> > "just
Hi,
> Continueing this thought: I think we might want to abort earlier in
> the OpenVPN startup in this case, that is, "wintun and no iservice pipe".
.. and not running under NT AUTHORITY\SYSTEM.
> Lev, what do you think?
Depends if amount of code to check the above mentioned condition would
Hi,
On Tue, Aug 18, 2020 at 08:23:35AM +0200, Gert Doering wrote:
> This can also happen if you run the GUI with admin privs (because then
> it will not use the iservice *but* openvpn needs *more* privs than
> "just administrator", and wintun can not be used at all).
Continueing this thought: I
Hi,
On Tue, Aug 18, 2020 at 12:06:18AM -0300, Rafael Gava wrote:
> 2020-08-17 19:15:39 us=424470 ERROR: Wintun requires SYSTEM privileges and
> therefore should be used with interactive service. If you want to use
> openvpn from the command line, you need to do SYSTEM elevation yourself
> (for
14 matches
Mail list logo
