This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
vpn-server [2023/09/12 19:32] – [Advanced Tab] -formatting hogwild | vpn-server [2023/09/12 19:48] – [TLS Control channel security] hogwild | ||
---|---|---|---|
Line 136: | Line 136: | ||
- | ==== TLS Control | + | ==== TLS Control |
(tls-auth/ | (tls-auth/ | ||
Line 179: | Line 179: | ||
In Static Key encryption mode, the HMAC key is included in the key file. In TLS mode, the HMAC key is dynamically generated and shared between peers via the TLS control channel. If OpenVPN receives a packet with a bad HMAC, it will drop the packet. HMAC usually adds 16 or 20 bytes per packet. | In Static Key encryption mode, the HMAC key is included in the key file. In TLS mode, the HMAC key is dynamically generated and shared between peers via the TLS control channel. If OpenVPN receives a packet with a bad HMAC, it will drop the packet. HMAC usually adds 16 or 20 bytes per packet. | ||
- | For basic HMAC information, | + | For basic HMAC information, |
- | [[https:// | + | |
==== VPN Subnet/ | ==== VPN Subnet/ |