I am starting to move our OpenVPN-setup from 1.5 til 2.0.
In the 1.5-setup we have a seperate tls-auth file for each user. We want
to use that in our 2.0-setup too, but I cannot see the possibility in
the howto, and my experiment did not succeed.
Is it possible to have a line in the /etc/openvpn/ccd/CN-name-file like:
tls-auth /etc/openvpn/key-file/mc-key.file 0
When I have the line in /etc/openvpn/server.conf the connections works.
When I move it to the ccd-file, I get an error on the server:
Tls-error: reading acknowledgement record from packet
and on the client:
Tls-error: Cannot locate HMAC in incoming packet
Openvpn-users mailing list