Re: VPN for a newbie

2022-11-02 Thread T K
Probably the easiest way to accomplish your task to run wireguard on your OpenBSD machine. It has pretty well client software for windows, android, and so on... Take a look at this tutorial (there are lots of different resources to be googled)

Re: VPN for a newbie

2022-11-02 Thread A Tammy
On 11/2/22 21:02, Odd Martin Baanrud wrote: > Hello, > > I’m planning to set up a VPN. > The problem is, I get confused about all the features and possibilities, so I > really don’t know where to start. > > I’m running OpenBSD on my router, and a Debian-server behind it, providing > several

VPN for a newbie

2022-11-02 Thread Odd Martin Baanrud
Hello, I’m planning to set up a VPN. The problem is, I get confused about all the features and possibilities, so I really don’t know where to start. I’m running OpenBSD on my router, and a Debian-server behind it, providing several public services, off course using nat/rdr with PF. My first

Re: Multihop BFD support on OpenBSD

2022-11-02 Thread Peter Hessler
Hi, You may have noticed that our BFD implementation is not enabled, and that is because it is not yet finished. Multi-hop support is one of the things that is on a TODO list, but there is no intention on working on that feature in the near future. Additionally, there is no intention of making a

Multihop BFD support on OpenBSD

2022-11-02 Thread Nallan Chakravarthy, Sudarshan
Hello OpenBSD Team, I’m Sudarshan, a software developer at NetApp. cc’d are my colleagues at NetApp. I have been going through OpenBSD’s BFD implementation with an intention of using it for one of our use

Re: Suspend not working Lenovo X1 Nano Gen 2

2022-11-02 Thread Mike Larkin
On Wed, Nov 02, 2022 at 02:31:56PM +, Ottavio Caruso wrote: > Op 01/11/2022 om 22:50 schreef Mike Larkin: > > On Tue, Nov 01, 2022 at 05:05:21PM -0500, Jason Morris wrote: > > > Hi Everyone, > > > > > > I've upgraded from a X1 Nano Gen 1 and noticed that suspend isn't working > > > on the new

Re: 2FA VPNs

2022-11-02 Thread Zack Newman
If anyone's got any good suggestions on how to do VPNs with 2FA on an OpenBSD gateway for non-technical users to access (iOS, Android, Windows clients) I'd love to hear them. I could bodge something together with openvpn and TOTP but it doesn't exactly spark joy. Ideally the VPN server would

autoinstall behavior on the nameservers has changed in OpenBSD 7.2

2022-11-02 Thread Frederik Konietzny
Hi, for our OpenBSD PXE/autoinstall environment we are using a IPv4 PXE server and a OpenBSD mirror with IPv6 address. Since OpenBSD 7.2 we have an issue with the nameservers during the autoinstall process. (OpenBSD 6.9, 7.0 and 7.1 work fine) If we start a VM to install OpenBSD 7.2 via PXE

Re: 2FA VPNs

2022-11-02 Thread Uwe Werler
On 02 Nov 02:05, Stuart Henderson wrote: > If anyone's got any good suggestions on how to do VPNs with 2FA > on an OpenBSD gateway for non-technical users to access (iOS, Android, > Windows clients) I'd love to hear them. > > I could bodge something together with openvpn and TOTP but it doesn't >

Re: 2FA VPNs

2022-11-02 Thread Janne Johansson
Perhaps have authpf add clients to a PF table which allows them to vpn in? The ssh part could have all kinds of S/Key and certificate additions if need be. Or have people wireguard into the bastion host first, then use authpf to be let further into the network, since wg is far more silent when it