2017-07-17 17:01 GMT+05:00 Jan Just Keijser <janj...@nikhef.nl>:
> Hi all,
>
> On 17/07/17 12:34, Samuli Seppänen wrote:
>
>> On 15/07/2017 00:43, Jan Just Keijser wrote:
>>
>>> Hi Samuli,
>>>
>>> On 14/07/17 16:07, Samuli Seppänen wrote:
>>>
>>>> Hi all,
>>>>
>>>> Those of you who use pkcs11 on Windows: could you please test this new
>>>> Windows installer:
>>>>
>>>> <http://build.openvpn.net/downloads/releases/openvpn-install
>>>> -2.4.3-I602.exe>
>>>>
>>>>
>>>> The previous installer(s) had pkcs11-helper 1.11. This one has 1.22, so
>>>> some regression testing would be good to have.
>>>>
>>>> I'd like to push the updated installer out early next week, preferably
>>>> on Monday.
>>>>
>>>> nice to see that pkcs11 support is still included in the Windows
>>> version; I can test the installer on monday morning(no Windows laptop in
>>> my house ;)) I will let you know my findings.
>>>
>>> cheers,
>>>
>>> JJK
>>>
>>> Hi JJK,
>>
>> Excellent, thanks! I will push out the new installer if everything looks
>> good at your end.
>>
>>
> good news and bad news:
>
> + the pkcs11 stuff works as expected, no problems there
> - with openvpn 2.4.3 my existing setup using "redirect-gateway def1"
> stopped working!
>
> I'll downgrade OpenVPN to see if this problem was already there in 2.3.XX
> ; what happens is this:
> - openvpn wants to add a direct route to the VPN server
> - there happen to be TWO gateways to that server with the SAME IP address,
> one via wired ethernet, one via wireless
> - openvpn gets confused and says "route gateway is ambiguous" and refuses
> to add it
>
@mattock , can we have community meeting, please ?
there were a discussion (regarding changes in openvpn-gui <--> openvpn-core
interoperation) on how to serve routing issues.
there were two suggestions, either make route errors fatal or translate
them to openvpn-gui level.
currently, it is no good
(yes, current error would not have been resolved by those changes, but
error indication would be more clear)
> - after that, all traffic is jammed, as there is no direct route to the
> VPN server itself, and thus all encrypted traffic is fed back into the
> tunnel, where it is encrypted again, etc etc ("biting your own tail").
>
> Disconnecting either wired or wireless solves the issue AFTER restarting
> OpenVPN. Annoying.
> It looks like a (minor) patch is needed to deal with this special case
>
> cheers,
>
> JJK
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
