Re: [Openvpn-users] Differences regarding security of linked sub-libraries between Linux and Windows

2013-05-28 Thread Gert Doering
own bugs and security issues? All right? Yep. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025

Re: [Openvpn-users] openvpn capeable Router ? Maybe hardware recommendation?

2013-06-04 Thread Gert Doering
something, but gaining lots of functionality (and less bugs, usually). I'd go with OpenWRT instead of DD-WRT, as it's much better maintained and much more open. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert

Re: [Openvpn-users] Using AES-NI in OpenVPN with OpenSSL 1.0.1

2013-06-19 Thread Gert Doering
the client is. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] OpenVPN with intermediate CA

2013-07-02 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp1BY3QpPfcD.pgp Description: PGP signature

Re: [Openvpn-users] question regarding openvpn build system

2013-08-25 Thread Gert Doering
mailing list. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] how to know which part of the /30 to push

2013-09-11 Thread Gert Doering
Hi, On Wed, Sep 11, 2013 at 05:34:44PM +0300, Mihamina Rakotomandimby wrote: I'm running 2.1. That is... ancient. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] is it possible to not push dns server for specific client?

2013-10-11 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp3TGALuVu4C.pgp Description: PGP signature

Re: [Openvpn-users] OpenVPN Security

2013-10-17 Thread Gert Doering
it... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de

Re: [Openvpn-users] OpenVPN Security

2013-10-18 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpNDDJbK7Exe.pgp Description: PGP signature

Re: [Openvpn-users] Options available for --auth

2013-11-03 Thread Gert Doering
to --show-digests as well, so the question ok, so this is what --auth is for, but what options do I have? can be more easily answered... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] reverting DNS-forwarding

2013-11-04 Thread Gert Doering
. So it would be useful to see what scripts *should* be run on your system, and what your logfile says about actually *running* them... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich

Re: [Openvpn-users] Ipv6 annoying

2013-11-11 Thread Gert Doering
won't do anything about it. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g

Re: [Openvpn-users] Ipv6 annoying

2013-11-12 Thread Gert Doering
servers with inconsistent configuration always make troubleshooting more difficult). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de

Re: [Openvpn-users] How to support newcomers

2013-11-12 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpPRpzIm86gI.pgp Description: PGP signature

Re: [Openvpn-users] IPv6 client-to-client communication

2013-11-16 Thread Gert Doering
MAC address on the tap interface, otherwise static ND on the other clients will not work right. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] IPv6 client-to-client communication

2013-11-17 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpQqGOk0U2X1.pgp Description: PGP signature

Re: [Openvpn-users] [PATCH] Make code and documentation for --remote-random-hostname consistent.

2013-11-17 Thread Gert Doering
Hi, this is actually not only asking for an ACK, but also for users that rely on the *old* behaviour (foo.bar.gov - foo-0x12345.bar.gov) and would be surprised. gert On Sun, Nov 17, 2013 at 03:30:20PM +0100, Gert Doering wrote: Documentation examples, description and code were disagreeing

Re: [Openvpn-users] IPv6 client-to-client communication

2013-11-17 Thread Gert Doering
assumes one process, one tun/tap, and many clients comes much later in the flow. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49

Re: [Openvpn-users] [PATCH] Make code and documentation for --remote-random-hostname consistent.

2013-11-18 Thread Gert Doering
defending the feature, I'm just repairing it to make it do what the example in the documentation states :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] IPv6 client-to-client communication

2013-11-18 Thread Gert Doering
better usage of all CPUs in a multi-core system than just a single OpenVPN process :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] IPv6 client-to-client communication

2013-11-18 Thread Gert Doering
of dispatcher process... all quite non-trivial. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025

Re: [Openvpn-users] IPv6 client-to-client communication

2013-11-21 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpBoMECdqt43.pgp Description: PGP signature

Re: [Openvpn-users] CreateProcess failed...

2013-12-06 Thread Gert Doering
\OpenVPN-GUI is the place the exe path is stored (And yeah, we really need to clean this up for 2.4 :-)) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] openvpn client for windows 8.1 x64

2013-12-29 Thread Gert Doering
as admin. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de

Re: [Openvpn-users] Fwd: Re: openvpn client for windows 8.1 x64

2013-12-31 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de

Re: [Openvpn-users] Extend SSL Certification Problem

2014-03-09 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpbx0nb09JCQ.pgp Description: PGP signature

Re: [Openvpn-users] client interface with ipv6 only

2014-03-17 Thread Gert Doering
of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpgNnqXyqgQJ.pgp Description: PGP signature

Re: [Openvpn-users] OpenVPN as a viable commercial replacement

2014-03-24 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpFK8wZV5MFt.pgp Description: PGP signature

Re: [Openvpn-users] Does OpenVPN use the TLS heartbeat extension? (OpenSSL Security Advisory CVE-2014-0160)

2014-04-09 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp_d1dJjJ_Wf.pgp Description: PGP signature

Re: [Openvpn-users] Where are the 2.3.3 sources?

2014-04-10 Thread Gert Doering
is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpNjeb7iJb2r.pgp Description

Re: [Openvpn-users] Where are the 2.3.3 sources?

2014-04-10 Thread Gert Doering
is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpR65AXO1itx.pgp Description

Re: [Openvpn-users] In search of a usable client-config-dir setup

2014-04-12 Thread Gert Doering
you need that (single process, but individual tun interfaces) - but I've never needed it for any of my setups. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] Successful private key extraction from OpenVPN using Heartbleed

2014-04-16 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpUKz_iTljn1.pgp Description: PGP signature

Re: [Openvpn-users] heartbleed and openvpn

2014-04-21 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpPD9G2S25Mp.pgp Description: PGP signature

Re: [Openvpn-users] TLS_ERROR: BIO read tls_read_plaintext error ...

2014-04-22 Thread Gert Doering
versions are used? gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] TLS_ERROR: BIO read tls_read_plaintext error ...

2014-04-22 Thread Gert Doering
, but that might run into issues with PolarSSL 1.2 and 1.3). Which bits do not apply? If it's only the PolarSSL bits, you can leave them off for the test. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering

Re: [Openvpn-users] doubts about possible sniffing

2014-05-05 Thread Gert Doering
it works :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] doubts about possible sniffing

2014-05-06 Thread Gert Doering
there the IP/ARP binding if and only if the address is not already locked elsewhere. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de

Re: [Openvpn-users] Installed to wrong path, how to fix?

2014-05-13 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp1C2_zyzMUS.pgp Description: PGP signature

Re: [Openvpn-users] Performance terrible on transmit from PowerPC linux

2014-05-23 Thread Gert Doering
a PSK/tun setup. Kernel 3.14 involved? There's a bug in the packet handling in 3.14, which results in abysmal tun performance. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] Performance terrible on transmit from PowerPC linux

2014-05-23 Thread Gert Doering
analysis of the problem, and the patch to fix it. (I admit I have no idea which kernel has finally merged it) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] Does traffic in client-to-client config go through the server?

2014-06-11 Thread Gert Doering
/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpRTV_8yzPHA.pgp Description: PGP signature -- HPCC Systems

Re: [Openvpn-users] Does traffic in client-to-client config go through the server?

2014-06-11 Thread Gert Doering
VPNs, because those are usually meshed, not hub-and-spoke... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025

Re: [Openvpn-users] Disable tun-ipv6 on client-side

2014-06-14 Thread Gert Doering
for me. Well, --route-nopull is another option. What's wrong with pulling IPv6 from the server? gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] Disable tun-ipv6 on client-side

2014-06-14 Thread Gert Doering
Hi, On Sat, Jun 14, 2014 at 03:19:56PM +0400, ValdikSS wrote: On 06/14/2014 03:09 PM, Gert Doering wrote: 2.3.4 should fix all IPv6 issues on Windows 8.1. If not, please bring up the issues so we can fix them :-) - point is: IPv6 needs to work, and if it does not, it needs to be fixed

Re: [Openvpn-users] Disable tun-ipv6 on client-side

2014-06-14 Thread Gert Doering
Hi, On Sat, Jun 14, 2014 at 03:29:09PM +0400, ValdikSS wrote: On 06/14/2014 03:24 PM, Gert Doering wrote: It's not particularily helpful for understanding the issue at hand if you keep bringing up *new* examples. But anyway: don't disable IPv6 if you are lucky enough to have a VPN

Re: [Openvpn-users] Disable tun-ipv6 on client-side

2014-06-14 Thread Gert Doering
Hi, On Sat, Jun 14, 2014 at 04:09:20PM +0400, ValdikSS wrote: On 06/14/2014 04:02 PM, Gert Doering wrote: Reality check: how often are your users updating? Or do you provide a ready-made bundle of here's the openvpn installer with the config included? Because even if we add this function

Re: [Openvpn-users] ping tests mostly work. all OK, except Server-Client private IP. *almost* there!

2014-07-07 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpWvxntcZS2W.pgp Description: PGP signature

Re: [Openvpn-users] ping tests mostly work. all OK, except Server-Client private IP. *almost* there!

2014-07-07 Thread Gert Doering
client cannot do it, do an attachment. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g

Re: [Openvpn-users] Set socket to non-blocking mode failed windows 7 x64

2014-07-18 Thread Gert Doering
on windows. Show more of the logfile, with verb 3 in your config, and show the config file (everything relating to key, cert, ca, password removed) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering

Re: [Openvpn-users] [Openvpn-devel] RFD: building OpenVPN without socks and/or http proxy support

2014-07-18 Thread Gert Doering
Hi, On Tue, Jul 08, 2014 at 09:56:09PM +0200, Gert Doering wrote: we have a patch on the table to remove support for compile-time disabling of socks proxy and http proxy support in OpenVPN. [..] Otherwise, the #ifdef maze goes - that is, socks and http proxy will be always compiled

Re: [Openvpn-users] Consolidating client-specific routes into client-specific ccd/* breaks PINGs across VPN

2014-07-24 Thread Gert Doering
route 192.168.1.0 255.255.255.0 route is not a valid command in ccd files today. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax

Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?

2014-07-29 Thread Gert Doering
as well. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?

2014-07-29 Thread Gert Doering
, OpenBSD? The source code of OpenVPN is in C, yes? No background needed, just basic capabilities in reading instructions and using google. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich

Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?

2014-07-29 Thread Gert Doering
of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgptawRZHzVz_.pgp Description: PGP signature

Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?

2014-07-29 Thread Gert Doering
, how to compile software from packages, and so on. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025

Re: [Openvpn-users] OpenVPN binary package (2.3.4) for OpenBSD?

2014-07-29 Thread Gert Doering
/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpFydyWCDjVd.pgp Description: PGP signature

Re: [Openvpn-users] Selectively routing traffic across the vpn. Need some help with which routes where.

2014-08-01 Thread Gert Doering
is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpMgME7xX6aY.pgp

Re: [Openvpn-users] OpenVPN and Multi-Core processor

2014-08-04 Thread Gert Doering
for about 6-8 weeks, and I think I can do it... but in my copious spare time, I won't even start this, as it's too complex a task. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] OpenVPN and Multi-Core processor

2014-08-04 Thread Gert Doering
Hi, On Tue, Aug 05, 2014 at 12:00:53PM +1200, Jason Haar wrote: On 05/08/14 08:36, Gert Doering wrote: Nobody did the code yet. This is a complex problem. You need a programmer that understands parallel processes or threads, network, security, and is willing to spend quite a bit

Re: [Openvpn-users] OpenVPN and Multi-Core processor

2014-08-05 Thread Gert Doering
that. I'll keep it in mind... gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g

Re: [Openvpn-users] OpenVPN and Multi-Core processor

2014-08-06 Thread Gert Doering
of threads for stuff like here's a packet, go decrypt and hand back to me for routing or here's a packet, go encrypt and stuff down *that* socket. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich

Re: [Openvpn-users] OpenVPN and Multi-Core processor

2014-08-06 Thread Gert Doering
and scripts when a client moves from one box to another one? Hehe, something left for 2.7, I'd say :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] OpenVPN and Multi-Core processor

2014-08-06 Thread Gert Doering
free to convince us with running code :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g

Re: [Openvpn-users] only one client per local network

2014-08-10 Thread Gert Doering
, or get a proper router, or use IPv6 (which does not force NAT on people) :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89

Re: [Openvpn-users] OpenVPN log to mysql database

2014-08-18 Thread Gert Doering
to MySQL database. Depending on what you're interested in, --client-connect etc. might give the needed bits as well, and is certainly more simple to implement. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert

Re: [Openvpn-users] how to use --push-peer-info?

2014-08-21 Thread Gert Doering
want to see it in 2.3.2, you need to talk to the management interface. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89

Re: [Openvpn-users] reverse routing on mesh topology

2014-08-21 Thread Gert Doering
of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpHS9AW6ewZf.pgp Description: PGP signature

Re: [Openvpn-users] how to use --push-peer-info?

2014-08-21 Thread Gert Doering
is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpUUu1JJWoId.pgp

Re: [Openvpn-users] Bitmask

2014-08-26 Thread Gert Doering
Hi, On Tue, Aug 26, 2014 at 08:10:02PM +0100, Alain Williams wrote: On Tue, Aug 26, 2014 at 08:56:39PM +0200, Gert Doering wrote: On Tue, Aug 26, 2014 at 08:04:27PM +0200, Lisa Minogue wrote: What is your opinion of Bitmask? (https://bitmask.net/). It claims to be based on OpenVPN

Re: [Openvpn-users] Openvpn logout time?

2014-09-03 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpoXTo_GDcQD.pgp Description: PGP signature

Re: [Openvpn-users] macox dns help for a novice?

2014-09-03 Thread Gert Doering
that bundles openvpn - just like the windows gui bundle) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025

Re: [Openvpn-users] Windows service mode doesn't seem to restart on timeout properly

2014-09-05 Thread Gert Doering
won't get lost. (*) not developing on windows, *and* already not having enough time for those areas inside OpenVPN that I directly feel responsible for :( gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert

Re: [Openvpn-users] From Windows 7 client to OpenVPN server

2014-09-05 Thread Gert Doering
. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de

Re: [Openvpn-users] [Openvpn-devel] [PATCH] Add configure check for the path to systemd-ask-password

2014-09-06 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpKwYS19MHkP.pgp Description: PGP signature

Re: [Openvpn-users] blocking issue with management port

2014-09-18 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpiBeFsIgTA7.pgp Description: PGP signature

Re: [Openvpn-users] Using pyOpenSSL to connect to OpenVPN

2014-09-30 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpQWNalvAR_8.pgp Description: PGP signature

Re: [Openvpn-users] Is there a reason that ciphers can't be specified within connection stanzas?

2014-10-04 Thread Gert Doering
settings, and potentially full client-server cipher negotiations inside the TLS handshake, but this did not result in any code yet. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] Is 2.2.1 non-Windows safe?

2014-10-06 Thread Gert Doering
Hiya, On Mon, Oct 06, 2014 at 07:45:21AM -0400, Jonathan K. Bullard wrote: In an article [1], OpenVPN developer Gert Doering is quoted as saying: What you want to do from OpenVPN???s point of view is to ensure that you???re not using a 2.2.x version anymore, *and* that you just do not run

Re: [Openvpn-users] [Openvpn-devel] New OpenVPN Windows installers (I004 and I604) released

2014-10-21 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpPw7UyLlkwW.pgp Description: PGP signature

Re: [Openvpn-users] disable ipv6

2014-10-25 Thread Gert Doering
but Unknown host. Did you do anything particular to your system to disable IPv6? gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax

Re: [Openvpn-users] --redirect-gateway and IPv6

2014-10-25 Thread Gert Doering
over IPv4. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] --redirect-gateway and IPv6

2014-10-25 Thread Gert Doering
. Correct. I really should go through the man page and check all places where IP is mentioned whether this is IPv4-only or both protocols. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich

Re: [Openvpn-users] 2.3.5 - systemd

2014-10-29 Thread Gert Doering
is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp8urfgjs5PC.pgp

Re: [Openvpn-users] finding openvpn version

2014-11-04 Thread Gert Doering
we have doesn't work yet (charset issues). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025

Re: [Openvpn-users] finding openvpn version

2014-11-04 Thread Gert Doering
) as the OpenVPN version number is now always sent across :-) (If you do not get a version number, the version is older than 2.3.3...) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany

Re: [Openvpn-users] OpenVPN tun issue

2014-11-06 Thread Gert Doering
-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpa7WUImZZNT.pgp Description: PGP signature

Re: [Openvpn-users] dynamically adding iroutes

2014-11-06 Thread Gert Doering
/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgp3VEEuntmax.pgp Description: PGP signature

Re: [Openvpn-users] dynamically adding iroutes

2014-11-06 Thread Gert Doering
in tap mode To the contrary. For TAP it will work just fine, as TAP packets *do* carry next-hop information (aka ethernet destination addresses). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering

Re: [Openvpn-users] CN-surprise

2014-11-06 Thread Gert Doering
. DNS is irrelevant, you might be connecting to an IP address :-) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89

Re: [Openvpn-users] potential route subnet conflict

2014-11-06 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpZtp89bgQDm.pgp Description: PGP signature

Re: [Openvpn-users] OpenVPN Client-to-Site Site-toSite

2014-11-06 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de

Re: [Openvpn-users] OVPN client won't listen on ssh port any more

2014-11-09 Thread Gert Doering
tun packets go to the tun interface), but how precisely to set this up depends on your local environment. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] Does OpenVPN server remain open on SSH by default?

2014-11-13 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpDitYrjpTom.pgp Description: PGP signature

Re: [Openvpn-users] Building v2.3.5 for RHEL/CentOS 6

2014-11-13 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpVot7JLttck.pgp Description: PGP signature

Re: [Openvpn-users] limits

2014-12-09 Thread Gert Doering
? (TCP needs a new file descriptor for each client, while UDP multiplexes everything over a single FD) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g

Re: [Openvpn-users] limits

2014-12-10 Thread Gert Doering
part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgprJTvfh1E6R.pgp Description: PGP signature

Re: [Openvpn-users] openvpn 2.3.6 on Mac OS

2014-12-19 Thread Gert Doering
couldn't say. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu

Re: [Openvpn-users] openvpn 2.3.6 on Mac OS

2014-12-19 Thread Gert Doering
! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpQs0T6JHBy_.pgp Description: PGP signature

Re: [Openvpn-users] openvpn 2.3.6 on Mac OS

2014-12-19 Thread Gert Doering
up which out to be a /30 (255.255.255.252) netmask tun is always point to point, so the netmask has no meaning - there's a here and a there address. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering

  1   2   3   4   5   6   7   >