Am 15.08.17 um 11:29 schrieb David Sommerseth: > On 15/08/17 11:17, Илья Шипицин wrote: > [...] >> > there are special cases like Mikrotik openvpn (pretty popular), where >> > user simply use what hardware vendor installed (without possibility to >> > recompile). >> > >> > should we contact such hardware vendors as well ? >> >> there might be an non-predictable number of vendors shipping their own >> openvpn version. We can't contact them all. It's their responsibility to >> stay behind the changes in what they ship. >> >> If they don't, their users will complain aloud with them ;) >> >> On top of that, this does not prevent users from using their own config, >> right? So they can still configure the client to avoid deprecated >> options. >> >> >> you cannot use regular openvpn config with Mikrotik >> https://wiki.mikrotik.com/wiki/OpenVPN >> >> you can use mikrotik configuration options > > Which just emphasizes even more that Mikrotik needs to do their own > homework on their own. Their config syntax is completely alien to us, > so we have no direct influence on how their syntax ends up as a > configuration OpenVPN is capable of understanding. And _we_ shouldn't > care how Mikrotik does that, it's their own implementation design. >
Also Mikrotek broke at least two times with my app. First when we enabled TLS 1.1+ and second time when we disabled non PFS ciphers. I have enough of their crappy OpenVPN/SSL support. Arne ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
