Re: [Openvpn-users] OpenVPN 2.5-rc3 released

Mon, 19 Oct 2020 10:18:00 -0700 

> The OpenVPN community project team is proud to release OpenVPN
> 2.5-rc3. Source code and Windows installers can be downloaded from our
> download page:

I've got an issue here:

Connections using my working 2.4.x config issue some warnings (that's
expected!), but the warnings make no sense:

2020-10-19 18:49:45 Option 'key-direction' in charite-hildeb.ovpn:33 is ignored 
by previous <connection> blocks 
2020-10-19 18:49:45 Option 'tls-auth' in charite-hildeb.ovpn:34 is ignored by 
previous <connection> blocks 
2020-10-19 18:49:45 OpenVPN 2.5_rc3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] 
[LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 30 2020

here goes my config:

1  # Konfiguration fuer Charite-OpenVPN
2  client
3  dev tun
4
5  # hostname v4/udp
6  <connection>
7  proto udp
8  remote somehost.charite.de 
9  port 1194
10 explicit-exit-notify
11 nobind
12</connection>
13
14 # hostname v4/tcp
15 <connection>
16 proto tcp
17 remote somehost.charite.de 
18 port 1194
19 nobind
20 </connection>
21
22 # ausfall v4
23 <connection>
24 proto udp
25 remote 217.199.x.y
26 port 1194
27 explicit-exit-notify
28 nobind
29 </connection>
30
31 resolv-retry infinite
32
33 cipher AES-256-CBC
34 data-ciphers AES-256-CBC
35 auth SHA256
36 remote-cert-tls server
... etc. ...

As you can see, line 33 and 34 don't even contain "key-direction" OR
"tls-auth"!

Some do:

$ cat -n charite-hildeb.ovpn |egrep "(key-direction|tls-auth)"
50 key-direction 1
51 <tls-auth>
73 </tls-auth>

What's the issue her anyway (apart from the creative line numbers)?
The order or the key-direction / tls-auth statements in respect to the
<connection> blocks?

--
Ralf Hildebrandt
Charité - Universitätsmedizin Berlin
Geschäftsbereich IT | Abteilung Netzwerk

Campus Benjamin Franklin (CBF)
Haus I | 1. OG | Raum 105
Hindenburgdamm 30 | D-12203 Berlin

Tel. +49 30 450 570 155
ralf.hildebra...@charite.de
https://www.charite.de


_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to