[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] resolved: new openvpn problem

  • Subject: [Openvpn-users] resolved: new openvpn problem
  • From: "Tibbs, Richard" <rwtibbs@xxxxxxxxxxx>
  • Date: Sun, 5 Dec 2004 17:58:07 -0500

OK, what I had to do, since I had compiled in ip(2) support is get rid
of the up script altogether and add a route command.
I have now a working tun0 link. What works in openvpn.conf is shown
I did a little documentation for my own sanity.
I am still confused by one thing. In the openvpn 2.x readme (installed
on my winXP wireless laptop) it says
* To get OpenVPN 2.0 to talk with the 1.5/1.6 versions, put this in the
config file:

  tun-mtu 1500
  tun-mtu-extra 32
  mssfix 1450
  key-method 2

* For TLS usage, --key-method 2 is now the default.  Use --key-method 1
communicate with 1.x.
The last sentence seems to contradict the 1.x configs above it.

I assume they mean to say key-method 1 the first time, Right??

Thanks again,

# Sample OpenVPN configuration file for
# using a pre-shared static key.
# ' or ';' may be used to delimit comments.

# Use a dynamic tun device.
dev tun
# For compatability with 2.x openvpn clients/servers
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
# When using TLS-security (tls-server) uncomment this for 2.x
#key-method 2

local 216.x.y.z #(anonymized...)
# Remote peer (wireless internal w/o RU vpn)

# is our local VPN endpoint
# is our remote VPN endpoint (home wlan)
# ifconfig command is for backward compat. even though ip(2) is
# is our local VPN endpoint (for office sub)
# is our remote VPN endpoint for offic subnet
# don't use in 1.6 or beyond:  up /etc/openvpn/openvpn.up
# instead use a route command for the wireless laptop on internal net.
# the rest of the route params default to mask=/32, nexthop=ifconfig
parm 2.

Openvpn-users mailing list