Re: [Openvpn-users] the local and remove vpn endpoints must exist within the same 255.255.255.252 subnet

Hi Pol, On 06/05/14 21:16, Pol Hallen wrote: > Hi Jan and thanks for your reply :-) > >> Linux and freebsd are less sensitive to this > ok > >> try using >>ifconfig-push 10.10.10.6 10.10.10.5 > cheers! Works! > Can you explain me why your solution works? what about 10.10.10.5? this is how

Re: [Openvpn-users] the local and remove vpn endpoints must exist within the same 255.255.255.252 subnet

Hi Jan and thanks for your reply :-) > Linux and freebsd are less sensitive to this ok > try using > ifconfig-push 10.10.10.6 10.10.10.5 cheers! Works! Can you explain me why your solution works? what about 10.10.10.5? > Alternatively [...] and use > ifconfig-push 10.10.10.6 255.255.2

Re: [Openvpn-users] 100% CPU without traffic

Florent B wrote: > Hi Jan, > > make test is giving me : > > ALL TESTS SUCCESSFUL. > > > And openssl speed -engine padlock -evp bf-cbc : > > > engine "padlock" set. > Doing bf-cbc for 3s on 16 size blocks: 7954726 bf-cbc's in 3.00s > Doing bf-cbc for 3s on 64 size blocks: 2356547 bf-cbc's in 3.00s >

Re: [Openvpn-users] 100% CPU without traffic

Hi Florent, Florent B wrote: > Hi all, > > I am running a Debian Wheezy over a VIA Nano processor U2250 processor. > > This processor does not support AES Intel instructions, but supports VIA > Padlock which can do AES. > > Kernel modules are loaded : > > root@sd-39714:~# lsmod | grep padlock > pa

Re: [Openvpn-users] 100% CPU without traffic

perf top is giving me "_vpaes_encrypt_core" (75%) and "sha1_block_data_order_ssse3" (20%) functions of openvpn process consumming all my CPU... (it has changed from packaged, it was an openssl function that was consumming) ---

Re: [Openvpn-users] Building from source with custom OpenSSL

-Original Message- From: Florent B [mailto:flor...@coppint.com] Sent: May-06-14 11:35 AM To: Andy Wang; openvpn-users@lists.sourceforge.net Subject: Re: [Openvpn-users] Building from source with custom OpenSSL It makes no difference... always same errors...

Re: [Openvpn-users] Building from source with custom OpenSSL

Whenever I've built customs with openssl on a prefix I do the following upon configure for OVPN export PKG_CONFIG_PATH=/lib/pkgconfig export CPPFLAGS=-Iinclude export LDFLAGS=-L/lib export PKG_CONFIG_PATH=/lib/pkgconfig then a ./configure --prefix= yadda yadda... Side note. I've been building

Re: [Openvpn-users] Building from source with custom OpenSSL

-Original Message- From: Florent B [mailto:flor...@coppint.com] Sent: May-06-14 10:55 AM To: openvpn-users@lists.sourceforge.net Subject: [Openvpn-users] Building from source with custom OpenSSL Hi all, I use Debian Wheezy amd64. I have to use a custom version of OpenSSL because I need

Re: [Openvpn-users] the local and remove vpn endpoints must exist within the same 255.255.255.252 subnet

Hi Pol, Pol Hallen wrote: > Hey all :-) Like error on subject I guess a problem about subnet but I > don't understand how configure openvpn to solve the error. I see this > error only on win32 (both xp and seven too) on linux and freebsd clients I > don't have problem :-) > > > Linux and freebs

[Openvpn-users] the local and remove vpn endpoints must exist within the same 255.255.255.252 subnet

Hey all :-) Like error on subject I guess a problem about subnet but I don't understand how configure openvpn to solve the error. I see this error only on win32 (both xp and seven too) on linux and freebsd clients I don't have problem :-) Thanks all for help! Pol server config: port XXX proto u

Re: [Openvpn-users] doubts about possible sniffing

Hi, On Tue, May 06, 2014 at 02:04:05PM +, Andy Wang wrote: > Thanks Gert for detail education. Follow Jason's advice I've done some simple > test using ettercap in my environment which is openvpn-2.1.1 and you were > right, the OpenVPN can't protect the client from arp spoofing which is real

Re: [Openvpn-users] doubts about possible sniffing

Thanks Gert for detail education. Follow Jason's advice I've done some simple test using ettercap in my environment which is openvpn-2.1.1 and you were right, the OpenVPN can't protect the client from arp spoofing which is really bad. I will try the latest 2.3.4 to see if it is still broken a

Re: [Openvpn-users] OpenVPN 2.3.4 released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Many thanks. Simon On 14-05-06 04:02 AM, Samuli Seppänen wrote: > > Updated: > > > > Just for the record: the page was generated from man2html output piped > through ovpn-man2html.awk

Re: [Openvpn-users] OpenVPN 2.3.4 released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Updated: Just for the record: the page was generated from man2html output piped through ovpn-man2html.awk[*]. Samuli [*] > On 14-05-02 09