This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
vpn-server [2023/09/12 18:50] – [Routing everything over the VPN] -condense, formatting hogwild | vpn-server [2023/09/12 19:48] – [TLS Control channel security] hogwild | ||
---|---|---|---|
Line 136: | Line 136: | ||
- | ==== TLS Control | + | ==== TLS Control |
(tls-auth/ | (tls-auth/ | ||
Line 179: | Line 179: | ||
In Static Key encryption mode, the HMAC key is included in the key file. In TLS mode, the HMAC key is dynamically generated and shared between peers via the TLS control channel. If OpenVPN receives a packet with a bad HMAC, it will drop the packet. HMAC usually adds 16 or 20 bytes per packet. | In Static Key encryption mode, the HMAC key is included in the key file. In TLS mode, the HMAC key is dynamically generated and shared between peers via the TLS control channel. If OpenVPN receives a packet with a bad HMAC, it will drop the packet. HMAC usually adds 16 or 20 bytes per packet. | ||
- | For basic HMAC information, | + | For basic HMAC information, |
- | [[https:// | + | |
==== VPN Subnet/ | ==== VPN Subnet/ | ||
Line 195: | Line 195: | ||
===== Advanced Tab ===== | ===== Advanced Tab ===== | ||
- | \\ | + | |
- | {{: | + | \\ {{: |
- | \\ | + | |
==== Poll Interval ==== | ==== Poll Interval ==== | ||
Line 414: | Line 415: | ||
crl / | crl / | ||
</ | </ | ||
+ | |||
+ | \\ | ||
Line 467: | Line 470: | ||
</ | </ | ||
+ | \\ | ||
- | ==== What about IPv6? ==== | ||
- | OpenVPN v2.3 and later supports | + | ==== About IPv6 ==== |
+ | |||
+ | OpenVPN v2.3 and later support | ||
+ | |||
+ | \\ | ||
For example, adding this will configure the IPv6 addresses for server and clients: | For example, adding this will configure the IPv6 addresses for server and clients: | ||
+ | |||
+ | \\ | ||
<code -> | <code -> | ||
server-ipv6 2001: | server-ipv6 2001: | ||
</ | </ | ||
+ | |||
+ | \\ | ||
You can use the // | You can use the // | ||
+ | |||
+ | \\ | ||
<code -> | <code -> | ||
Line 484: | Line 497: | ||
</ | </ | ||
+ | \\ | ||
+ | \\ | ||