Re: Re (6): OpenVPN server mode usage.

To: debian-user@lists.debian.org
Subject: Re: Re (6): OpenVPN server mode usage.
From: Mike Bird <mgb-debian@yosemite.net>
Date: Wed, 12 Jan 2011 10:42:45 -0800
Message-id: <[🔎] 201101121042.45667.mgb-debian@yosemite.net>
In-reply-to: <cee4f839a1483.4d2d7f08@shaw.ca>
References: <cee4f839a1483.4d2d7f08@shaw.ca>

On Wed January 12 2011 10:14:32 PETER EASTHOPE wrote:
> From:	Mike Bird <mgb-debian@yosemite.net>
> Date:	Wed, 12 Jan 2011 08:52:41 -0800
>
> > When I try your config on one of my test boxes I find
> > the following in syslog:
> >
> > Jan 12 08:50:18 bul-lb ovpn-myvpn[9850]: Options error: --mode server
> > requires --tls-server

(Peter replied off-list, so I have to omitted his reply.)

Your config works without "mode server".  However with "mode server"
you have to use TLS, not a static key:

"man openvpn" states in relevant part:

 Server Mode
       Starting  with  OpenVPN 2.0, a multi-client TCP/UDP server mode is sup‐
       ported, and can be enabled with the --mode server  option.   In  server
       mode,  OpenVPN will listen on a single port for incoming client connec‐
       tions.  All client connections will be routed through a single  tun  or
       tap  interface.   This  mode  is designed for scalability and should be
       able to support hundreds or even thousands of clients  on  sufficiently
       fast hardware.  SSL/TLS authentication must be used in this mode.


--Mike Bird

Reply to:

Follow-Ups:
- Re (7): OpenVPN server mode usage.
  - From: peasthope@shaw.ca

Prev by Date: Re: Re (5): OpenVPN server mode usage.
Next by Date: Re: Re (4): OpenVPN server mode usage.
Previous by thread: Re (6): OpenVPN server mode usage.
Next by thread: Re (7): OpenVPN server mode usage.
Index(es):
- Date
- Thread