[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re (6): OpenVPN server mode usage.



On Wed January 12 2011 10:14:32 PETER EASTHOPE wrote:
> From:	Mike Bird <mgb-debian@yosemite.net>
> Date:	Wed, 12 Jan 2011 08:52:41 -0800
>
> > When I try your config on one of my test boxes I find
> > the following in syslog:
> >
> > Jan 12 08:50:18 bul-lb ovpn-myvpn[9850]: Options error: --mode server
> > requires --tls-server

(Peter replied off-list, so I have to omitted his reply.)

Your config works without "mode server".  However with "mode server"
you have to use TLS, not a static key:

"man openvpn" states in relevant part:

 Server Mode
       Starting  with  OpenVPN 2.0, a multi-client TCP/UDP server mode is sup‐
       ported, and can be enabled with the --mode server  option.   In  server
       mode,  OpenVPN will listen on a single port for incoming client connec‐
       tions.  All client connections will be routed through a single  tun  or
       tap  interface.   This  mode  is designed for scalability and should be
       able to support hundreds or even thousands of clients  on  sufficiently
       fast hardware.  SSL/TLS authentication must be used in this mode.


--Mike Bird


Reply to: