Re: Re (6): OpenVPN server mode usage.
On Wed January 12 2011 10:14:32 PETER EASTHOPE wrote:
> From: Mike Bird <mgb-debian@yosemite.net>
> Date: Wed, 12 Jan 2011 08:52:41 -0800
>
> > When I try your config on one of my test boxes I find
> > the following in syslog:
> >
> > Jan 12 08:50:18 bul-lb ovpn-myvpn[9850]: Options error: --mode server
> > requires --tls-server
(Peter replied off-list, so I have to omitted his reply.)
Your config works without "mode server". However with "mode server"
you have to use TLS, not a static key:
"man openvpn" states in relevant part:
Server Mode
Starting with OpenVPN 2.0, a multi-client TCP/UDP server mode is sup‐
ported, and can be enabled with the --mode server option. In server
mode, OpenVPN will listen on a single port for incoming client connec‐
tions. All client connections will be routed through a single tun or
tap interface. This mode is designed for scalability and should be
able to support hundreds or even thousands of clients on sufficiently
fast hardware. SSL/TLS authentication must be used in this mode.
--Mike Bird
Reply to: