Hello, Thanks, I've looked at pivpn and it looks good, how do I customize my ecc keys for 512 bit instead of 254 bit and how do I get aes256-gcm instead of aes256-cbc?
The network will be 10.x.x.x/8 for vpn clients but I want connecting clients to use the openvpn server as there point of internet connectivity and to fail out if they don't, is this customizable? I'm not seeing it on the main pivpn.io page? Thanks. Dave. On 7/1/21, tincantech <tincant...@protonmail.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hi, > > all you basically need can be found at pivpn.io > > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On Saturday, June 26th, 2021 at 19:49, David Mehler <dave.meh...@gmail.com> > wrote: > >> Hello, >> >> I'm wanting to set up an OpenVPN external client to an internal >> >> OpenVPN server. I've got an Orbi mesh system and I've updated it to >> >> the latest firmware. What I'm not liking about the Orbi is it's not >> >> using strong protocols and ciphers, specifically a gcm cipher and >> >> hardening the configuration of the OpenVPN server and connecting >> >> external clients. So I'm wanting to set up an internal OpenVPN server >> >> that I can forward UDP port 1194 to when the external client wants to >> >> access. The OpenVPN server is running on a Raspberry Pi 4 running >> >> Raspbian Buster I believe. >> >> I'd like to get it going to hav all of the information in to a single >> >> configuration file so I only have to distribute one file vs a separate >> >> certificate/key/tls certificate. I'm thinking from reading the docs >> >> that i'd like to also add to this file a tls-crypt section as that has >> >> the edge over the tls-auth. >> >> Does anyone have a howto with 2.5 which will get this going? My >> >> openssl version on the Pi is version 1.1.something d I think. >> >> Thanks. >> >> Dave. >> >> Openvpn-users mailing list >> >> Openvpn-users@lists.sourceforge.net >> >> https://lists.sourceforge.net/lists/listinfo/openvpn-users > -----BEGIN PGP SIGNATURE----- > Version: ProtonMail > > wsBzBAEBCAAGBQJg3hMPACEJEE+XnPZrkLidFiEECbw9RGejjXJ5xVVVT5ec > 9muQuJ1Tcwf+NnSBlTBJxS6dxeqxhPxlQHquEfWXLYY9A/eB0EcFYkToVjVv > 11R5NWGpYUcWEOUuwIP8IPQyVTXAEK9KJvoYCIq0unKwuuN8wPDUUPTsjwLF > JdjP7LAqU+SVdR2ZiEW89xSWunew+xyfcKl9kl97cqp/8ESOcauTuq24bgSY > rCdhivrcE+TSOiawgTmLp+Kx4godc+i9KMsapPgpmVZAnzBXLulxVICzYbjh > pSKp+fvFPyXpueoxIt72l74uzzLY1jhKETCV29aOp9ZFtiI1krZWdOnOI6pb > d25uNJp63emW4YCS+IzBMW89UGjO852uAro9b/Gir4y0wWzNEy40Cg== > =3abd > -----END PGP SIGNATURE----- > _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
