Re: [Openvpn-users] UDP not blocked, but failing.

2014-08-01 Thread Ken D'Ambrosio
On 2014-08-01 18:11, Joe Patterson wrote: > Generally speaking, I'd say use a sniffer on the server (assuming > that's an option for you) Thanks for the advice -- I was banging my head against a wall, and was getting nowhere. I can't explain how the netcat-over-UDP worked; I bumped my MTU down

Re: [Openvpn-users] UDP not blocked, but failing.

2014-08-01 Thread Joe Patterson
Generally speaking, I'd say use a sniffer on the server (assuming that's an option for you) Or, you could run netcat on each side and openvpn on the other side, and see which one is seeing what (it'll fail still, but you should see *something*) Do the server logs show anything when the client att

[Openvpn-users] UDP not blocked, but failing.

2014-08-01 Thread Ken D'Ambrosio
Hi -- for any number of reasons, I'd prefer to use UDP for my OpenVPN setup. But a curious thing: if I fire up UDP, my handshake times out. TCP works great. "So UDP is blocked, you moron. Get over it." Well... it isn't. I opened a whole slew of ports with netcat (expecting I'd have to fin

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread Mathias Jeschke
Hi Dave, On 01.08.14 23:29 CEST, davidg12...@fast-email.com wrote: >> Keep thinking of the OpenVPN setup as just 2 routers with a fixed Ethernet >> cable in between. >> That in reality the "ethernet cable" is a VPN tunnel does not change the >> routing setup. > > I guess that might be some of m

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread davidg12116
Hi Bonno Wow. Lots to think about. Once I get this all done, I'm thinking a wiki page contribution, "by noob, for noob" will be in order! On 08/01/2014 01:35 PM, Bonno Bloksma wrote: > Keep thinking of the OpenVPN setup as just 2 routers with a fixed Ethernet > cable in between. > That in real

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread Bonno Bloksma
Hi Dave, >> Not "just one service". >> >> "just one target network", yes, but stuff like "but just for one >> source IP and not all other PCs using that router" or "just one specific >> port" >> *can* be done (unlike most other VPNs) but it's work, and needs deep >> understanding of TCP/IP, r

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread davidg12116
Hi Gert On 08/01/2014 10:21 AM, Gert Doering wrote: > Hi, > Not "just one service". > > "just one target network", yes, but stuff like "but just for one source > IP and not all other PCs using that router" or "just one specific port" > *can* be done (unlike most other VPNs) but it's work, and nee

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread Gert Doering
Hi, On Fri, Aug 01, 2014 at 08:37:11AM -0700, davidg12...@fast-email.com wrote: > Why would you consider it "error prone"? I thought this is one of the things > Openvpn is SUPPOSED to do? Not "just one service". "just one target network", yes, but stuff like "but just for one source IP and no

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread davidg12116
Hi Mathias, On 08/01/2014 09:10 AM, Mathias Jeschke wrote: > Hi Dave, > Sure, one route is for the requests from first location and the other > route is needed for the responses sent by the peer at the second > location ;) I thought the responses were dealt with by firewall masquerading and nat-in

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread Mathias Jeschke
Hi Dave, On 01.08.14 17:37, davidg12...@fast-email.com wrote: >> If you *really* want to send everything else except your "service >> traffic" over the internet that would require more configuration on both >> routers. > > On BOTH? Ok, I really didn't figure that. I really don't get this stuff

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread davidg12116
Hi Mathias On Fri, Aug 1, 2014, at 07:44 AM, Mathias Jeschke wrote: > If you *really* want to send everything else except your "service > traffic" over the internet that would require more configuration on both > routers. On BOTH? Ok, I really didn't figure that. I really don't get this stuff yet

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread Mathias Jeschke
Hi Dave, On 01.08.14 16:06, davidg12...@fast-email.com wrote: > My question is what specific routes do I need to put on what boxes? > Do I need to just put some sort of a static route on the desktop? > Something also on the Location2 router? Or something in the Openvpn config? The configuratio

[Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread davidg12116
Hi all, I finally got our lan connected to another location using Openvpn. The vpn connection is made at the 2 locations' edge routers. Everything's working in terms of connection and reconnection across boots and so on. I can ping back and forth from router to router. Took me a while with

Re: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is still at 2.3.2!!

2014-08-01 Thread Gert Doering
Hi, On Fri, Aug 01, 2014 at 02:29:27PM +0200, Lisa Minogue wrote: > > Serious misunderstanding here: you do NOT need to update OpenVPN "per se" > > to be secure from Heartbleed. To the contrary, if you just update OpenVPN > > to 2.3.4, and leave OpenSSL at a vulnerable version, OpenVPN will >

Re: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is still at 2.3.2!!

2014-08-01 Thread Marc Haber
On Fri, Aug 01, 2014 at 11:27:26AM +0200, Lisa Minogue wrote: > A few days ago I asked about Debian's old version on this mailing list > as I thought some of you guys might know why Debian has not upgraded > its package. I was just being curious. Did you see me answering? Greetings Marc --

Re: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is still at 2.3.2!!

2014-08-01 Thread Lisa Minogue
Hi Gert, > Serious misunderstanding here: you do NOT need to update OpenVPN "per se" to > be secure from Heartbleed. To the contrary, if you just update OpenVPN to > 2.3.4, and leave OpenSSL at a vulnerable version, OpenVPN will > *still* be vulnerable. > > 2.3.3 and 2.3.4 releases contain us

Re: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is still at 2.3.2!!

2014-08-01 Thread georg
Hi Lisa, On 08/01/2014 11:27 AM, Lisa Minogue wrote: [...] > As I wrote earlier I have no problem getting 2.3.4 package > for Debian as Samuli compiled and created it for Debian/Ubuntu users. > I was curious as to why Debian Jessie is still keeping the 2.3.2 version. Maybe it's helpful to have a l

Re: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is still at 2.3.2!!

2014-08-01 Thread Gert Doering
Hi, On Fri, Aug 01, 2014 at 11:27:26AM +0200, Lisa Minogue wrote: > > people in both OpenBSD and Debian usually (always?) do what they think is > > right. probably, you will get more luck if you ask them directly why do > > they do so. > > I did write to them. Do you remember the Heartbleed vul

Re: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is still at 2.3.2!!

2014-08-01 Thread Lisa Minogue
> people in both OpenBSD and Debian usually (always?) do what they think is > right. probably, you will get more luck if you ask them directly why do they > do so. I did write to them. Do you remember the Heartbleed vulnerability/bug? Right after OpenSSL issued a fix for it and OpenVPN upgraded

Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?

2014-08-01 Thread Lisa Minogue
Hi Gert, > The hobby is fine, but the questions you ask give me the impression that > OpenBSD and you won't get along too well. OpenBSD is very user friendly, but > it's very selective who its friends are. Sorry for not having replied to you sooner. I was preoccupied with some girl stuff, hel