Re: [Openvpn-users] Unable to establish VPN

Fri, 17 Apr 2015 07:39:13 -0700 

> On Apr 17, 2015, at 09:22, debbie...@gmail.com wrote:
> Hi Chris
> 
> sorry to but in .. I just want to clear this up:

  Oh, no problem.  Happy to get any sort of feedback….

>>   Using “1.0" parses, but doesn’t fix the problem.  Same results.  Trying
>> 1.1 or 1.2 produce the same "unknown tls-version-min parameter” error on
>> startup.
> 
> The correct syntax for --tls-version-min and --tls-version-max is:
> 
> --tls-version-min version ['or-highest']
> Enable TLS version negotiation, and set the minimum TLS version we will
> accept from the peer (default is "1.0"). Examples for version include "1.0",
> "1.1", or "1.2". If 'or-highest' is specified and version is not recognized,
> we will only accept the highest TLS version supported by the local SSL
> implementation.
> If this options is not set, the code in OpenVPN 2.3.4 will default to using
> TLS 1.0 only, without any version negotiation. This reverts the beaviour to
> what OpenVPN versions up to 2.3.2 did, as it turned out that TLS version
> negotiation can lead to handshake problems due to new signature algorithms
> in TLS 1.2.
> 
> --tls-version-max version
> Set the maximum TLS version we will use (default is the highest version
> supported). Examples for version include "1.0", "1.1", or "1.2".
> 
> The parameter must be enclosed in quotes.

  It seems the quotation marks aren’t strictly required.  It was able to parse 
the
strings without them, and seemed to be interpreting them correctly.  And, adding
quotation marks around the 1.0 I’d tried doesn’t change the behavior.  I still
have the same problem.

  But thank you very much for the documentation reference.  After I get an
alternate openssl library to try this all with, I will take a deeper look at 
that.

                                    - Chris



------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to