Application On %IAfter=syslog.target network.target [Service];Type=notify for 2.4 but this didn't workExecStart=/usr/sbin/openvpn --cd /etc/openvpn/ --config client.conf --remote %I [Install]WantedBy=multi-user.target Cheers Chris
All,
what are recommended MTU / fragment / mssfix settings for UDP road warriors?
What settings are best for clients connecting to port 443 (TCP)?
- Chris
--
___
Openvpn
n option name which is allowed to be filtered (for now:
"ifconfig" and "route", more maybe later) is detected
- 3rd option defines the filter for that option name (prefix-style
filter for now, maybe some regex-style filter sometime later)
I think this would be a very clean solu
n and "option-filter" is a partial match.
As you wrote having things like 'Note the space at the end of "route "
to not reject "route-gateway"' is error prone. Users might complain
about hard-to-explain config errors. Or even worse, one filter may
wo
On Fri, May 13, 2016 at 7:44 PM, Gert Doering <g...@greenie.muc.de> wrote:
> On Fri, May 13, 2016 at 05:51:20PM +0200, Chris Laif wrote:
>> I wonder if there is an easy way to protect the client from executing
>> ifconfig/route-statements sent by an (untrusted) server. I th
On Apr 17, 2015, at 09:22, debbie...@gmail.com wrote:
Hi Chris
sorry to but in .. I just want to clear this up:
Oh, no problem. Happy to get any sort of feedback….
Using “1.0 parses, but doesn’t fix the problem. Same results. Trying
1.1 or 1.2 produce the same unknown tls-version
on the server side, and then fixing a
user error, I’m operational. Hopefully, all else will be clear to me from here
on out. :-)
- Chris
--
BPM Camp - Free
On Apr 16, 2015, at 09:51, Chris Ross cross+open...@distal.com wrote:
On Apr 16, 2015, at 03:01, Jan Just Keijser janj...@nikhef.nl wrote:
if no list of TLS ciphers is specified then the client will attempt the full
list of ciphers that you see with --with-tls ; with OpenSSL it is actually
On Apr 16, 2015, at 10:04, Chris Ross cross+open...@distal.com wrote:
On Apr 16, 2015, at 09:51, Chris Ross cross+open...@distal.com wrote:
On Apr 16, 2015, at 03:01, Jan Just Keijser janj...@nikhef.nl wrote:
One thing you could try is to run the underlying openssl command on both
client
to
understand and draw a solution for myself from.
Thanks much…
- Chris
--
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process
obscured, this is the server-side config. Thanks for your
help…
- Chris
;local a.b.c.d
port 1194
proto tcp
;proto udp
;dev tap
dev tun
ca cert/distal-ca.crt
cert cert/distalvpn.crt
key private/distalvpn.key # This file should
Dear All,
is it possible to assign a client a mandatory IP address that can't be
changed?
Thank you in advance.
- Chris
--
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel
effectively,
it's forcing the address)
that's what I was looking for. Thank you!
- Chris
--
Dive into the World of Parallel Programming! The Go Parallel Website,
sponsored by Intel and developed in partnership
meetup.com.
Thanks,
Chris Westin
--
LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99!
1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint
2013, SQL 2012, MVC 4, more. BEST VALUE
14 matches
Mail list logo