[Openvpn-users] Fwd: Strange proxy behaviour in windows not linux

On Fri, Jul 3, 2015 at 7:58 AM, debbie...@gmail.com wrote: Hi Using proxy to get to OpenVPN server the problem is that an identical setup in Linux works where as windows does not ... Please see this full thread for full details: https://forums.openvpn.net/topic19172-15.html#p53047 Looks

[Openvpn-users] Option mismatch warning: keydir

Hi, I have a server running Debian wheezy with openvpn is 2.2.1 (stock version of the distribution). When version 2.3 clients connect, the server log shows WARNING: 'keydir' is present in local config but missing in remote config, local='keydir 1' What is this keydir option? I don't have it

Re: [Openvpn-users] custom static auth plugin - returning info to the client

On Mon, Jul 6, 2015 at 9:27 AM, Matthew Karas mkarasc...@gmail.com wrote: Just to confirm what I think you're saying is - set the environmental variables when the function is called with OPENVPN_PLUGIN_CLIENT_CONNECT_V2. So let's say I can set the env variables - is the only way to act

Re: [Openvpn-users] Moving all IPv6 traffic from client though server over vpn, can't ping from client lan?

Hi John, and a route on the server to the 4d09::/64 through the tunnel. Please show us the routes on the server too. ip -6 route 2600:::4d00::/64 dev eth0 proto kernel metric 256 pref medium 2600:::4dff::/64 dev tun1 proto kernel

Re: [Openvpn-users] Strange OpenVPN and Konica Minolta spooler conflict

On Fri, Oct 23, 2015 at 12:22 PM, Gert Doering wrote: > Hi, > > On Fri, Oct 23, 2015 at 01:48:34PM +0200, Jan Just Keijser wrote: > > I've just read the entire thread and the original "bug report" from the > > IT department - there's a lot of information that is missing. > >

Re: [Openvpn-users] client config fallback from 1194 udp to 80 tcp

On Wed, Oct 21, 2015 at 9:46 AM, Stefan Szabo wrote: > hi, > > without proto tcp declaration it doesnt try over tcp, all that is doing is > udp. > > if the first line is proto tcp, the first connection is over tcp, after > that jumps over UDP.UDP is tried for 5 times

Re: [Openvpn-users] client config fallback from 1194 udp to 80 tcp

Hi Gert, Yes the problem remains (see below).. On Wed, Oct 21, 2015 at 2:50 PM, Gert Doering <g...@greenie.muc.de> wrote: > hi, > On Wed, Oct 21, 2015 at 01:14:26PM -0400, Selva Nair wrote: > > Why? Because of this line in the config: > > > > persist-remote-ip >

[Openvpn-users] Fwd: client config fallback from 1194 udp to 80 tcp

Hi, On Wed, Oct 21, 2015 at 4:59 PM, Erich Titl <erich.t...@think.ch> wrote: > Hi Folks > > sorry to chime in late (and unsolicited) > You are welcome. > > Am 21.10.2015 um 22:48 schrieb Gert Doering: > > Hi, > > > > On Wed, Oct 21, 2015 at 04:37

Re: [Openvpn-users] client config fallback from 1194 udp to 80 tcp

On Wed, Oct 21, 2015 at 5:39 PM, wrote: > Results you could have SHARED in the FIRST place .. > Go through the thread carefully -- I was the first to point out the conflict between persist-ip and multiple remotes. I tested this with 2.3.8 this morning seeing the OP's post,

Re: [Openvpn-users] Windows: on the suspend/resume bug

On Mon, Nov 2, 2015 at 9:47 AM, Simon Deziel wrote: > > Thanks for your analysis. Indeed, this could explain the differences > > between what you saw ("no issues") and what others are seeing, and how > > to solve this. > > > > I'll give the patch a closer look - and

Re: [Openvpn-users] Windows: on the suspend/resume bug

On Mon, Nov 2, 2015 at 10:13 AM, Morris, Russell wrote: > Hi, > > I can test it out too, and have a setup to do so. Where do I get the > updated (test) build from? > > Thanks! > Yes, it would be great if you can test it building from scratch. So If you have openvpn-build

Re: [Openvpn-users] Samba and openvpn: play nice together?

Hi, This probably has nothing to do with openvpn. But here is something I noticed in your smb.conf > On Sat, Oct 31, 2015 at 4:40 PM, Douglas D Germann Sr < > 76066@compuserve.com> wrote: > > > > [global] > > workgroup = EVERYONE > > server string = h server (Samba, Ubuntu)

[Openvpn-users] Windows: on the TAP not getting IP issue

Hi, Arrg.. I should have never updated our windows installations ;) Now one of our laptops has hit "this hanging in no IP-land" bliss. I see this issue mentioned in some trac tickets and here on the users list. Here is what I see: after successfully passing through TLS hurdles, tun/tap open

Re: [Openvpn-users] Windows: on the TAP not getting IP issue

Hi, On Wed, Nov 4, 2015 at 1:21 AM, Morris, Russell wrote: > Sorry to hear that you’re having this issue also! The only upside is that it > seems I’m not completely crazy (as no one else had reporting seeing this > yet) … ;-). There is at least one comment on the trac with

Re: [Openvpn-users] Windows: on the suspend/resume bug

Hi Gert, On Wed, Nov 4, 2015 at 10:47 AM, Gert Doering wrote: > > Tue Nov 03 22:58:23 2015 Route deletion fallback to route.exe > > Tue Nov 03 22:58:23 2015 env_block: add > PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem > > Tue Nov 03 22:58:23 2015 Closing

Re: [Openvpn-users] Windows: on the suspend/resume bug

Hi, On Mon, Nov 2, 2015 at 10:36 AM, Samuli Seppänen wrote: > Hi, > > I'll produce a special OpenVPN build with Selva's patch for testing > tomorrow. > Thanks. Please note that if the GUI is used, it should be run with disconnect_on_suspend=0 to work well with the patch.

Re: [Openvpn-users] ipset based police routing not works with openvpn.

On Wed, Oct 14, 2015 at 4:42 AM, Hongyi Zhao <hongyi.z...@gmail.com> wrote: > On Wed, 14 Oct 2015 02:05:38 -0400, Selva Nair wrote: > > > This should work for forwarded packets, but for locally generated > > traffic you will need to mangle them in the OUTPUT chain. > &

Re: [Openvpn-users] ipset based police routing not works with openvpn.

On Tue, Oct 13, 2015 at 10:23 PM, Hongyi Zhao wrote: > > 2- Using iptables to set the mark value 200 for all of the traffic > which are destinated to google.com: > > $ sudo iptables -t mangle -A PREROUTING -m set --match-set > openvpn-test dst -j MARK --set-mark 200 >

Re: [Openvpn-users] ipset based police routing not works with openvpn.

On Thu, Oct 15, 2015 at 8:20 AM, Hongyi Zhao wrote: > 2- With the route in table openvpn: > > $ ip route show table openvpn > default via 10.211.1.34 dev tun-gfwlist > > This time the following command will give nothing: > > > $ traceroute 8.8.8.8 > traceroute to 8.8.8.8

[Openvpn-users] Fwd: tls-verify script not working

On Tue, Oct 6, 2015 at 9:48 AM, Dreetjeh D wrote: > > Hello, > > >>Unless you meant ISO 639-3 languages ;) > Yes, i meant exactly that :-) > Just trying to look at an example and try to understand what it`s doing. > I have no IT background and as middle age man taking first

Re: [Openvpn-users] tls-verify script not working

On Mon, Oct 5, 2015 at 2:15 PM, Dreetjeh D wrote: > > > > I'd add some debug statements to the script, e.g. add on the second > line. > > echo "[$0] [$1] [$2] [$3] [$4]" > Result: > * > > Mon Oct 5 19:23:14 2015 us=499434 192.168.11.32:1194 ++

Re: [Openvpn-users] Management interface - bringing connection up and down

On Tue, Jul 7, 2015 at 4:08 PM, Matthew Karas mkarasc...@gmail.com wrote: I'm using the management interface for openvpn client and I would like to interactively stop the tun0 interface using the management interface. To stop I use forget-passwords hold on signal SIGHUP to just restart

Re: [Openvpn-users] Changing users at my client causes tls auth error

On Fri, Jul 10, 2015 at 8:22 AM, Matthew Karas mkarasc...@gmail.com wrote: I'm connected then I use forget-passwords SUCCESS: Passwords were forgotten signal SIGHUP SUCCESS: signal SIGHUP thrown ECHO:1436480286,on HOLD:Waiting for hold release hold release That should work for

Re: [Openvpn-users] Dynamic NAT uses only the last IP Address in range

On Sun, Sep 27, 2015 at 10:28 AM, Nikolaos Milas wrote: > On 26/9/2015 10:34 μμ, Gert Doering wrote: > > > I wonder if just pre-setting all the NAT mappings wouldn't be much > > easier? So, you know that your server is handing out 192.168.1.x - so > > why not just initialize the

Re: [Openvpn-users] tls-verify script not working

On Mon, Oct 5, 2015 at 4:48 PM, Dreetjeh D wrote: > Hello, > > So I have to say thank you, turns out the script was the culprit. > Actually it is not my script, I speak and write some languages, but > no scripting :-) > These scripts needs not be "scripts" per se -- could

Re: [Openvpn-users] openvpn server pretends to be .254 for emulated dhcp server?

Hi, yet, but I just noticed that a Windows client was saying it got it's openvpn IP client address from a DHCP server running on the .254 address.. > [..] > The server is actually set up to use the .1 address (ie "ifconfig > x.y.z.1 255.255.255.0"), so as far as I'm concerned, the .254 address

Re: [Openvpn-users] openvpn server pretends to be .254 for emulated dhcp server?

On Fri, Dec 4, 2015 at 12:01 AM, Leroy Tennison wrote: > A couple of thoughts come to mind. First, if node 254 is always active > then "well-behaved" DHCP clients should test for that and never accept > that address. > All this dhcp thing is just an exchange between

Re: [Openvpn-users] openvpn server pretends to be .254 for emulated dhcp server?

Hi, On Sun, Dec 6, 2015 at 3:16 PM, Jason Haar <jason_h...@trimble.com> wrote: > On 05/12/15 15:10, Selva Nair wrote: > > OpenVPN will fail with an error saying dhcp server address conflicts > > with the client ip. > > You can change this default behaviour using "

Re: [Openvpn-users] Routing

On Mon, Dec 7, 2015 at 12:53 AM, Axel Glienke wrote: > i have a little question. > > My system: > > ip route: > 0.0.0.0/1 via 10.8.0.5 dev tun0 > default via 192.168.2.1 dev br0 proto static metric 425 > 10.8.0.1 via 10.8.0.5 dev tun0 > 10.8.0.5 dev tun0 proto kernel scope

Re: [Openvpn-users] Routing

Hi On Mon, Dec 7, 2015 at 6:45 AM, Axel Glienke wrote: > > my Konfiguration for example: > > Client --r5d.de --> rootserver (r5d.de) ---forwarding: vpn10.8.0.6 --> > myhomeserver > > So i want that only incoming traffic (requests for server) routing > back to the vpn/tun0 >

Re: [Openvpn-users] [Openvpn-devel] Kickstarter campaign for auditing and improving security software, including OpenVPN

Hi On Wed, Dec 9, 2015 at 4:06 AM, Samuli Seppänen wrote: > > OSTIF.org's website contains lost of information about OSTIF.org itself: > > > > The founder of OSTIF.org participated in our previous community meeting, > explaining the goals of their

Re: [Openvpn-users] [Openvpn-devel] Kickstarter campaign for auditing and improving security software, including OpenVPN

Hi, Just to be on record, I managed to get in touch with ostif and got a response. Is this OSTIF a really serious organization? > > I ask this because no contact addresses on their webpage though they > solicit donation. Email to webmas...@ostif.org bounces (no such user) > etc. etc.. Many pages

Re: [Openvpn-users] "Safe" configurations for installation without admin privileges?

Hi, On Wed, Dec 9, 2015 at 4:03 PM, Jonathan K. Bullard wrote: > Inspired by Gert Doering (but don't blame him for any of my bad ideas > : ), I'm considering adding a feature to Tunnelblick (a FOSS GUI for > OpenVPN on OS X) that would allow a standard user on a Mac to

Re: [Openvpn-users] Fwd: "Safe" configurations for installation without admin privileges?

s list has been quiet, a little more noise wont hurt, I hope. > Sorry to butt in a little late, see my comments below > > Jonathan K. Bullard wrote: > > Sorry, forgot to cc: the list. > > > [..] > > On Wed, Dec 9, 2015 at 6:35 PM, Selva Nair <selva.n...@gmail.com> w

Re: [Openvpn-users] windows start as administrator

Hi, On Fri, Dec 11, 2015 at 6:06 AM, ValdikSS wrote: > I'd like that OpenVPN would automatically gain needed privileges in 2.3.9 > but I'm not sure if this is acceptable for all use cases. Could we run it > as administrator by default until we have working NSSM in a

Re: [Openvpn-users] windows start as administrator

Hi, On Fri, Dec 11, 2015 at 2:24 PM, Gert Doering <g...@greenie.muc.de> wrote: > On Fri, Dec 11, 2015 at 11:08:16AM -0500, Selva Nair wrote: > [..] > > The test I posted was of requiring admin for the GUI itself (IMO, a bad > > idea). > > I just assumed requiring

Re: [Openvpn-users] windows start as administrator

Hi, On Fri, Dec 11, 2015 at 2:34 PM, Simon Deziel wrote: > > > > Actually this is what people do today (set the shortcut to the gui to > > "[X] run as admin") to work around the permission issues. > > > > Never thought of doing this for openvpn.exe, though. But then, I

Re: [Openvpn-users] windows start as administrator

Hi, On Thu, Dec 10, 2015 at 3:24 AM, Kapetanakis Giannis < bil...@edu.physics.uoc.gr> wrote: > 90% of our support tickets have to do with our users on windows not > running OpenVPN > as administrator. Connection seems ok but they disconnect after a while > (not able to install routes) which in

Re: [Openvpn-users] windows start as administrator

Hi, On Thu, Dec 10, 2015 at 9:02 PM, Morris, Russell wrote: > Hi, > > > Checked it out (very remotely, trans-Atlantic flight … LOL). > That's funny. > Works great, thanks! And with admin rights, it properly pushes my routes > (that were broken with non-admin). > Thanks

Re: [Openvpn-users] windows start as administrator

Hi, On Fri, Dec 11, 2015 at 7:16 PM, Kapetanakis Giannis < bil...@edu.physics.uoc.gr> wrote: > > On 11/12/15 23:25, Selva Nair wrote: > > On Fri, Dec 11, 2015 at 2:24 PM, Gert Doering <g...@greenie.muc.de> wrote: > >> >> Actually this is what peopl

Re: [Openvpn-users] Fw: Windows installers with OpenVPN-GUI that requests highest available privileges

On Mon, Jan 4, 2016 at 1:10 PM, Samuli Seppänen wrote: > >> Basically, for my W7 64b machine .. > >> the right arch (64b) installled as expected, with UAC prompts > >> GUI did *not* request elevation when started by normal user > > This matches the behavior I observed today

Re: [Openvpn-users] Issue getting to LAN behind VPN Server

On Tue, Jan 5, 2016 at 1:34 PM, Jeff Boyce wrote: > > My issue description is posted at > https://forums.openvpn.net/topic20369.html. > > I believe that my problem is a routing issue, but I have exhausted my > avenues of research and knowledge. The configs and routes on

Re: [Openvpn-users] How exactly does setting the option "block-outside-dns" help for Linux and BSD users?

Hi, On Fri, Dec 18, 2015 at 8:24 PM, ValdikSS wrote: > Well, actually Linux can leak DNS requests too, just as Windows 7 and > older. The leak is usually occurs when DNS didn't respond in time and it > falls back to secondary server which could be your ISP one. > Windows

Re: [Openvpn-users] OpenVPN client log file filling up hard drives on random computers

Hi, On Fri, Nov 20, 2015 at 11:53 AM, Shane McKinley wrote: > I have been having an issue for some time with the log files filling > up the hard drive randomly on different computers. > > OpenVPN version: 2.3.8 > > Config files are default besides changing the

Re: [Openvpn-users] openvpn-client: limit ifconfig/route statements pushed by server

Hi, On Fri, Jun 10, 2016 at 4:47 PM, Chris Laif <chris.l...@googlemail.com> wrote: > On Wed, May 25, 2016 at 4:04 AM, Selva Nair <selva.n...@gmail.com> wrote: > > This looks like a very useful feature that I went ahead and took a stab > at > > it. See PR #50 at

Re: [Openvpn-users] Evaluating Openvpn management interface externally via application

On Fri, Jun 10, 2016 at 7:55 AM, Lamsoge, Abhijit < abhijit.lams...@harman.com> wrote: > Although management hold release stops vpn daemon from running further. > > It does not seem to work for me beyond that. > As when I do try to change the remote server using > > >remote MOD > > The server

Re: [Openvpn-users] openvpn-client: limit ifconfig/route statements pushed by server

Hi, On Sat, Jun 11, 2016 at 12:57 PM, Chris Laif wrote: > > I'm open to adding support for $, but would avoid using an _optional_ > second > > option-filter because of how missing quotes will change the meaning. > > > > I'm probably misunderstanding you, so I'm trying

Re: [Openvpn-users] Evaluating Openvpn management interface externally via application

On Mon, Jun 13, 2016 at 12:14 AM, Lamsoge, Abhijit < abhijit.lams...@harman.com> wrote: > Hi Selva, > Restarting the Openvpn client is the last resort for us. > You do not have to restart the process. Send a SIGHUP through the management to re-read the config and start over. Not that different

Re: [Openvpn-users] Evaluating Openvpn management interface externally via application

Hi, On Thu, May 26, 2016 at 4:40 AM, Lamsoge, Abhijit wrote: > Hi All, > > I am trying to write python and C based application for modifying > “OpenVpn” in client mode via management interface. > > I need to do the following > > - Update the remote server

Re: [Openvpn-users] Split Tunnel on a per client basis

On Fri, May 27, 2016 at 3:23 PM, Nikolaos Milas wrote: > > In your server config add push "route-gateway 10.12.12.1". This is > > automatically done (for topology subnet) if --server option is used to > > setup the server ip, ip-pool etc, not otherwise. Also see --server and > >

Re: [Openvpn-users] reconnecting and block-outside-dns conflict ?

On Fri, May 27, 2016 at 7:56 AM, debbie10t wrote: > Hi, > > This is the original question: > https://forums.openvpn.net/viewtopic.php?f=4=21797 > > The gist is: > If a connection is dropped and --block-outside-dns is > blocking access to local DNS then how can the client >

Re: [Openvpn-users] ignoring server control message

On Fri, Jun 17, 2016 at 6:06 PM, Larry Martell wrote: > I connect to a VPN server that sends this message: > > PUSH: Received control message: 'PUSH_REPLY,route 0.0.0.0 > 255.255.255.255 net_gateway,dhcp-option DNS > 192.168.10.254,route-gateway dhcp,ping 15,ping-restart

Re: [Openvpn-users] ignoring server control message

On Sat, Jun 18, 2016 at 8:04 AM, Larry Martell <larry.mart...@gmail.com> wrote: > On Fri, Jun 17, 2016 at 8:55 PM, Selva Nair <selva.n...@gmail.com> wrote: > > > > On Fri, Jun 17, 2016 at 6:06 PM, Larry Martell <larry.mart...@gmail.com> > > wrote: > &g

Re: [Openvpn-users] openvpn site-to-site configuration

Hi, On Wed, Feb 24, 2016 at 5:48 AM, tovis wrote: > Hi. > Thanks for answer! > At now I have use loglevel 5 (several time I was used level 9 but it was > useless - too many information). > I'm trying to find reading iroute from ccd directory but I do not find it > or

Re: [Openvpn-users] openvpn site-to-site configuration

On Wed, Feb 24, 2016 at 10:24 AM, tovis wrote: > Thanks for your answer! > On this (old 12.0.9 OpenWrt) /etc/config/openvpn contain only an include > to real configuration file /etc/openvpn/srv-vpn.conf > I this directory are also keys (such as ca.crt, ca.key,

Re: [Openvpn-users] separate config directories for Windows client

On Tue, Feb 23, 2016 at 7:42 AM, Helen Heath wrote: > Is it possible to alter the .opvn files to point to their respective > ta.key files in a different subdirectory? I have this set in my .opvn > configs > > tls-auth ta.key 1 > The GUI works with configs in sub

Re: [Openvpn-users] openvpn site-to-site configuration

On Tue, Feb 23, 2016 at 7:07 PM, tovis wrote: > The routers configuration, resulting settings and logs are on pastebin: > server side (tovis-lab): http://pastebin.com/3VRAadXz > client side (tovis-lak): http://pastebin.com/h8Ctfmx2 > server side LAN is 192.168.1.0

Re: [Openvpn-users] --mtu-disc vs --mtu-test

Hi, On Tue, Feb 23, 2016 at 1:44 PM, wrote: > due to a distinct lack of developer support > from the windows server base > simple common sense * implies ALL Win OS > so not supported by *any* windows OS. > > MAC .. as if .. > BSD .. yeah right .. > > Bottom line: >

Re: [Openvpn-users] separate config directories for Windows client

On Tue, Feb 23, 2016 at 3:54 PM, David Sommerseth < open...@sf.lists.topphemmelig.net> wrote: > > try using double backslashes and escape spaces: > > --connect "c:\\program\ files\\openvpn\\config\\config1\\config1.ovpn" > > > > or use > > --connect "c:/program

Re: [Openvpn-users] separate config directories for Windows client

Hi, On Tue, Feb 23, 2016 at 4:04 PM, Helen Heath wrote: > Thanks Selva, tried it and it did exactly as you said. Problem solved, > thank you! > Good to know. For those who are in the dark about the GUI: PR#18 will support two config directories (one global and one

Re: [Openvpn-users] Odd Windows error

On Wed, Feb 24, 2016 at 7:44 PM, Gregory Sloop wrote: > Might I mention though, dev-group, that that timeout message is worse than > worthless. Might as well have it say "Something went wrong." That would at > least be intelligible. :) Looking at the latest sources it appears

Re: [Openvpn-users] separate config directories for Windows client

On Tue, Feb 23, 2016 at 8:51 AM, Helen Heath wrote: > Thanks Selva - I tried that, and the OpenVPN client just complained there > wasn't a valid config file at that location. But the config file works > just fine if it's back in the actual config directory. That's why

Re: [Openvpn-users] Download verification methods

On Mon, Feb 22, 2016 at 9:34 AM, wrote: > arby@mint64-dik-xpc ~/Downloads $ gpg -v --verify > openvpn-install-2.3.10-I002-i686.exe.asc > openvpn-install-2.3.10-I002-i686.exe > gpg: armour header: Version: GnuPG v1 > gpg: Signature made Mon 01 Feb 2016 12:45:32 GMT using DSA

Re: [Openvpn-users] Odd Windows error

On Wed, Feb 24, 2016 at 4:32 PM, Gregory Sloop wrote: > New Windows install on a new machine. > New OVPN install too, obviously. > > I'm using old config files, but I don't think the config file is part of > the problem. > > The error I keep getting in the logs, follows.

Re: [Openvpn-users] Lost functionality after windows 10 upgrade

Hi, On Mon, Mar 7, 2016 at 5:14 PM, Gregg K wrote: > Now I lost the ability to connect to any of the computers behind the VPN. > I > have tried disabling the firewall, and I still cannot ping the internal > network. I can ping the VPN IP address, which is 10.8.2.1, and I can

Re: [Openvpn-users] Site-to-site: VPN'd into one Site

Hi, On Mon, Mar 28, 2016 at 3:37 PM, Sumit Dahiya wrote: > You are right, our current site-to-site setup does not use OpenVPN. > Instead, > it uses router's built-in functionality. Couple of additional facts based > on > your comments: - > > 1. Our OpenVPN does not run

Re: [Openvpn-users] Problems Configuring OpenVPN on Centos 6.6

Hi, On Sun, Apr 10, 2016 at 4:41 PM, H wrote: > I am having a problem configuring an OpenVPN server on a Centos 6.6 > server and am not sure where the problem is. Despite reviewing several > how-tos on the setup and making sure port 1194 is open on my router I am > unable

Re: [Openvpn-users] Allowing all OpenVPN 2.4.x Windows users to run OpenVPN by default?

Hi, Thanks for the comments. On Sat, Mar 5, 2016 at 6:40 PM, Németh Tamás NET wrote: > What if you add a config option to profile files which is similar to > "valid users" of samba's smb.conf? This option might be mandatory in > systemwide profiles and optional in

Re: [Openvpn-users] Changing openvpn dhcp pool

Hi, On Sun, Mar 6, 2016 at 9:15 AM, Zoltán Szabó wrote: > I would like to have dynamic IPs assigned from this range: > 10.8.1.0 - 10.8.1.254 > > For this, I would like to use a /23, so 255.255.254.0 > Exclude the last address 10.8.1.254 from the range as that will clash with the

Re: [Openvpn-users] Changing openvpn dhcp pool

On Sun, Mar 6, 2016 at 2:17 PM, Zoltán Szabó wrote: > Sun Mar 06 19:33:39 2016 Set TAP-Windows TUN subnet mode > network/local/netmask = 10.8.1.0/10.8.1.2/10.8.1.1 [SUCCEEDED] > Sun Mar 06 19:33:39 2016 MANAGEMENT: Client disconnected > Sun Mar 06 19:33:39 2016 ERROR: --ip-win32

Re: [Openvpn-users] Allowing all OpenVPN 2.4.x Windows users to run OpenVPN by default?

On Thu, Mar 3, 2016 at 3:38 PM, Jason Haar wrote: > On Fri, Mar 4, 2016 at 1:38 AM, Gert Doering wrote: > >> I think this needs to be a question the installer asks. >> > > I agree. Let's face it, the use-case you are talking about is an >

Re: [Openvpn-users] [Openvpn-devel] Samsung Galaxy S6 to android 6.0.1 powersave

Hi, On Mon, Mar 7, 2016 at 9:55 AM, wrote: > An interesting tid-bit about Samsung Galaxy S6 to android 6.0.1 > and OpenVPN Connect > > https://forums.openvpn.net/post59478.html#p59478 > Sounds, suspiciously similar to the sleep-resume issue we had on windows.. The

Re: [Openvpn-users] Windows client without admin rights

On Fri, Mar 4, 2016 at 11:01 AM, Németh Tamás wrote: > > A while back created a test build that should work as non-admin just > fine: > > > > < > http://build.openvpn.net/downloads/temp/openvpn-install-2.3_guipr18and20-I606-x86_64.exe > > > > > > Note that the user has

Re: [Openvpn-users] Windows client without admin rights

On Fri, Mar 4, 2016 at 11:01 AM, Németh Tamás wrote: > Thank you very much for your answer. > > > > I've read that it's not possible to run OpenVPN on Windows from a > > > non-admin user account. > > > This issue has been fixed recently: it is possible to run

Re: [Openvpn-users] restrict access to certain users

Hi, On Fri, Apr 1, 2016 at 12:13 PM, Kapetanakis Giannis wrote: > Hi, > > Is there an option (i can't find on man) that will allow admin to > restrict access to certain users? > There are several ways to do this: (i) --tls-verify verify.sh In verify.sh you could

[Openvpn-users] Fwd: Windows client without admin rights

missed to cc: the list Hi, On Wed, May 18, 2016 at 2:53 PM, debbie10t wrote: > On 16/05/16 19:59, Gert Doering wrote: > > Hi, > > > > On Sun, May 08, 2016 at 02:25:42PM -0400, Doug Lytle wrote: > >> Gert Doering wrote: > >>> These bits are not yet

Re: [Openvpn-users] username-as-common-name not setting username as common_name for plugin

On Wed, Aug 3, 2016 at 5:35 PM, Michael Hicks wrote: > Greetings OpenVPN users, > > I’m having some trouble with openvpn using an auth plugin for DuoSecurity > MFA. > https://github.com/duosecurity/duo_openvpn > > server side > OpenVPN 2.3.6 x86_64-sun-solaris2.11 [SSL

Re: [Openvpn-users] Access from Client on a high latency link very slow

Hi, On Wed, Aug 10, 2016 at 5:47 PM, Dante F. B. Colò wrote: > Hello everyone > > I have a issue with a client machine running openvpn 2.3.11 on Windows > 10 located in London , my server is located here in São Paulo, Brazil > and there is a high latency between the two

Re: [Openvpn-users] Problem routing traffic on clients subnet to OVPN

On Fri, Jul 15, 2016 at 11:22 AM, Tobi wrote: > Hi > > I'm trying to expand the scope of openvpn on the client side to allow > traffic from this client LAN to the OVPN network. It works everywhere > except on one system (subnet). The openvpn client can ping the openvpn >

Re: [Openvpn-users] [openvpn-users] client user/pass timeout ?

On Thu, Jun 30, 2016 at 4:25 AM, David Sommerseth < open...@sf.lists.topphemmelig.net> wrote: > On 28/06/16 16:11, debbie10t wrote: > > Hi, > > > > Looking at this forum thread: > > https://forums.openvpn.net/viewtopic.php?f=4=22003 > > > > I was looking @src for 'timeout' etc for

Re: [Openvpn-users] Routing OpenVPN server

Hi, On Tue, Jun 28, 2016 at 5:49 AM, Josu Lazkano wrote: > Hello again, > > I configured a site to site OpenVPN with 2 Debian Jessie servers. > > site1 server: 192.168.1.10/24 > site1 router/gw: 192.168.1.1/24 > site1 conf: http://paste.debian.net/766912/ > site2 server:

Re: [Openvpn-users] Routing OpenVPN server

On Sat, Jul 2, 2016 at 1:59 PM, Josu Lazkano wrote: > Thanks Selva! > > It works, I remove the routes in the configuration files and execute this: > > ip route add 192.168.1.0/24 dev tun0 src 192.168.2.10 > ip route add 192.168.2.0/24 dev tun0 src 192.168.1.10 > > Now

Re: [Openvpn-users] Routing OpenVPN server

On Sun, Jul 3, 2016 at 12:36 AM, Sachin Garg wrote: > > > > > > Option 1: Leave the routes as before in the config and add a static > > route to the remote vpn ips on the routers: > > On router1: > > # ip route add 10.0.0.2/32 via 192.168.1.10 > >

Re: [Openvpn-users] Windows openvpnservice (openvpnserv2) starting of its own accord ?

On Mon, Feb 20, 2017 at 12:32 PM, debbie10t wrote: > Stop running openvpnserv2 + openvpn.exe > REBOOT > > Result of powershell: > > ExitCode: 0 > Name: OpenVPNService > ProcessID: 2324 > StartMode: Manual > State: Running > Status:OK > > Weird ? > A shot in

Re: [Openvpn-users] Windows openvpnservice (openvpnserv2) starting of its own accord ?

On Mon, Feb 20, 2017 at 3:01 PM, debbie10t wrote: > > > > > Any scheduled tasks (taskschd) that could be starting it? > > > > Nothing in Windows Scheduled Tasks other than the usual MS crap > eg: Customer Experience Improvement Program > > Although, I am not overly familiar

Re: [Openvpn-users] Windows openvpnservice (openvpnserv2) starting of its own accord ?

On Mon, Feb 20, 2017 at 4:50 PM, debbie10t wrote: > >> Use msconfig to disable startup processes and/or services to isolate the >> what causes this. You will have to reboot several times using a bisecting >> approach -- disable half of the start up items, then quarter etc

Re: [Openvpn-users] Initiating connection at boot time

On Sun, Feb 19, 2017 at 10:28 PM, David Arnstein wrote: > I have openvpn installed with a single client configuration in > Windows 10 Home. I see that I have a service "OpenVPN Interactive > Service" that starts automatically. > > What I would like to do is connect to my

Re: [Openvpn-users] AD integration with OpenVPN GUI

On Tue, Feb 21, 2017 at 10:15 AM, Doug Lytle wrote: > >>> On Feb 21, 2017, at 9:20 AM, Gert Doering g...@greenie.muc.de wrote: > > >>> AD groups should work starting with 2.4.1 - the service changes are in, > >>> the GUI changes are done but waiting for review. > > >>>

Re: [Openvpn-users] Auth against Windows Server

Hi, On Wed, Feb 15, 2017 at 8:20 AM, debbie10t wrote: > I do not know of any plugin for this, are there any ? > > My guess would be a script/batch file on the vpn server > which does some auth against windows server or AD. > > Any general pointers would be appreciated. >

Re: [Openvpn-users] [openvpn-users] --auth-user-pass file containing only username problem

On Sun, Aug 21, 2016 at 10:49 AM, debbie10t wrote: > Hi, > > Openvpn-2.3.11 on Windows client: > > 1. > --auth-user-pass useronly.txt > > useronly.txt = > > username > ^Z > > > This is expected as the GUI uses management interface which only supports both username and

Re: [Openvpn-users] Client as exit point?

On Mon, Aug 22, 2016 at 3:33 PM, Dreetjeh D wrote: > The OVPN-Client is a NAS and ip_forward is enabled. > > I also added > iptables -t nat -I POSTROUTING 1 -s 0.0.0.0/0 -o bond0 -j MASQUERADE > > to make the LAN behind it available. There is a existing one for tun0 > which

Re: [Openvpn-users] Windows tap driver signing certificate expired.

On Thu, Sep 8, 2016 at 5:54 AM, Jan Just Keijser wrote: > > If a fully-patched Windows XP understands SHA2 Authenticode signatures > > then it should not show "Unknown publisher" in "File properties" dialog > > for the installer, executables or libraries. The tap-windows

Re: [Openvpn-users] Client as exit point?

Hi, On Mon, Aug 22, 2016 at 9:03 PM, Dreetjeh D wrote: > >Guess you want all out-of-LAN traffic from the win7 box (192.168.30.9) to > go through the VPN to the NAS and then exit out of it. > > Probably did not read the whole mail, but is no problem :) > I read the whole

Re: [Openvpn-users] Client as exit point?

Hi, > . > >On win7: change the default gateway to pfsense (192.168.30.?) > >>This was and still is the case. > I meant that Win7 already has 192.168.30.1 as gateway. > If pfsense is win7's gateway there is nothing more to do on win7. Looking at the routes, the only missing one is a

Re: [Openvpn-users] Failed to ping the remote point from the client side when using point to point tunnel.

On Sat, Oct 29, 2016 at 3:23 AM, Hongyi Zhao wrote: > Thanks for your notes. > > > > > Instead, ping the vpn server's public address (through eth0) > > I tried and in most cases this method will fail to respond. > > > and compare > > that with pinging the tunnel's remote

Re: [Openvpn-users] options error: option 'setenv' cannot be used in this context ([PUSH-OPTIONS])

On Tue, Oct 25, 2016 at 9:52 AM, Ralf Hildebrandt < ralf.hildebra...@charite.de> wrote: > * Selva Nair <selva.n...@gmail.com>: > > > While it does look safe to allow "push setenv opt .. ", is it really > > useful? All pushed options are optional in the

Re: [Openvpn-users] options error: option 'setenv' cannot be used in this context ([PUSH-OPTIONS])

Hi, On Mon, Oct 24, 2016 at 4:38 AM, Jan Just Keijser <janj...@nikhef.nl> wrote: > On 22/10/16 18:53, Selva Nair wrote: > > > On Fri, Oct 21, 2016 at 10:45 AM, Ralf Hildebrandt < > ralf.hildebra...@charite.de> wrote: > >> #push "register-dns" >

Re: [Openvpn-users] Launching OpenVPN-GUI automatically on user login?

On Mon, Nov 28, 2016 at 4:02 AM, Samuli Seppänen wrote: > There is a PR that makes OpenVPN-GUI launch automatically when any user > logs in: > > > > No OpenVPN connections are started, of course, but the OpenVPN-GUI tray >

Re: [Openvpn-users] Help testing OpenVPN 2.4-alpha1 preview installers?

Hi, On Wed, Oct 12, 2016 at 7:29 AM, Jose Alf. wrote: > I tested the 64 bit installer on Windows 7 Enterprise using default > settings. It ran smoothly. I notice that now there are 3 services - OpenVPN > Interactive Service (appears started automatic) > - OpenVPN Legacy

Re: [Openvpn-users] Can I preserve the tun device from being deleted on the client side after the connection was closed or the server side is unavailable?

On Sun, Oct 16, 2016 at 9:45 AM, Hongyi Zhao wrote: > > But I find another issue: when the vpn connection is down on this > device, the tun device created by the above method can only be listed > by using `ip link' command, while the `ifconfig ' will not list this >

  1   2   3   >