Hi all, I'm now hardening our OpenVPN Production Server. I've managed to hardened all required aspects, except the HMAC/TLS-AUTH option.
AFAICT, activating the HMAC extra security mechanism, will force me to reconfigure all clients, with the risk of failure and a lot of downtime. The only way a client/remote network can connect is through a specific CCD file. Is there any way I can have this feature, but optional ? Something like activating tls-auth on a ccd file only. This way it would be a smooth transition. Otherwise I would have to schedule a maintenance window, which would be be cumbersome. Thanks a lot for all your help, Rui ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users