Hi Chris sorry to but in .. I just want to clear this up:
----- Original Message ----- From: "Jan Just Keijser" <janj...@nikhef.nl> To: "Chris Ross" <cross+open...@distal.com> Cc: <openvpn-users@lists.sourceforge.net> Sent: Friday, April 17, 2015 12:49 PM Subject: Re: [Openvpn-users] Unable to establish VPN Hi, On 16/04/15 17:08, Chris Ross wrote: >> On Apr 16, 2015, at 10:44, Jan Just Keijser <janj...@nikhef.nl> wrote: > >> Can you try adding the flag >> tls-version-min 1 >> to the server config? > Not with openvpn 2.3.6, it seems: > > Apr 16 10:47:11 bifröst openvpn[6175]: Options error: unknown > tls-version-min parameter: 1 > > Using “1.0" parses, but doesn’t fix the problem. Same results. Trying > 1.1 or 1.2 produce the same "unknown tls-version-min parameter” error on > startup. The correct syntax for --tls-version-min and --tls-version-max is: --tls-version-min version ['or-highest'] Enable TLS version negotiation, and set the minimum TLS version we will accept from the peer (default is "1.0"). Examples for version include "1.0", "1.1", or "1.2". If 'or-highest' is specified and version is not recognized, we will only accept the highest TLS version supported by the local SSL implementation. If this options is not set, the code in OpenVPN 2.3.4 will default to using TLS 1.0 only, without any version negotiation. This reverts the beaviour to what OpenVPN versions up to 2.3.2 did, as it turned out that TLS version negotiation can lead to handshake problems due to new signature algorithms in TLS 1.2. --tls-version-max version Set the maximum TLS version we will use (default is the highest version supported). Examples for version include "1.0", "1.1", or "1.2". The parameter must be enclosed in quotes. https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage#lbAK ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
