IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [openvpn]

An open source virtual private networking application written by James Yoan and published under the General Public License (GPL).

OpenVPN is an open source virtual private networking application written by James Yoan and published under the General Public License (GPL).

Related reading

239 questions
8
votes
1 answer

OpenVPN -cipher vs -tls-cipher?

I'm currently using the -tls-cipher command on server to only allow the cipher I want (TLS-DHE-RSA-WITH-AES-256-GCM-SHA384) but there is the command -cipher too, and OpenVPN's man page is not really clear with the differences between them. Googling…
Freedo
  • 2,273
  • 5
  • 20
  • 29
5
votes
1 answer

Why does OpenVPN have reneg-sec on 3600?

Basically, every hour OpenVPN renegotiates the TLS keys. What is the advantage of this, and what are the risks to reducing that to, for example, once per day?
Johan de Vries
  • 51
  • 1
  • 2
4
votes
2 answers

Security of using a single cert/key in an OpenVPN Setup

Im curious about how secure a OpenVPN setup that uses a single cert/key to authenticate against the server, compared to a OpenVPN setup that uses a separate cert/key combination for each OpenVPN client. The OpenVPN server configuration has a section…
TearsOnTheMoon
  • 58
  • 4
2
votes
0 answers

Should both client and server have "--remote" arg in OpenVPN?

I'm reading the Mastering OpenVPN book, and in the examples, the server doesn't use the "--remote" arg, but the client does. This makes sense - the server just listens for connections, while the client needs to know what IP/domain to connect…
Tal
  • 131
  • 2
2
votes
2 answers

Is OpenVPN With No Client Certificates Encrypted?

We recently installed a pfSense based firewall which with little fuss generated an OpenVPN installer that contains no client side certificates. Most members of our team have used OpenVPN in some capacity or another over the last 10 years and have…
jriffel73
  • 23
  • 4
1
vote
1 answer

OpenVPN Client Authentication and CA

How does a client verify that the OpenVPN server certificate was signed by the master CA? Based on OpenVPN setup clients are usually supplied with only their own certificate and private key and CA certificate.
user843521
  • 61
  • 1
  • 4
1
vote
1 answer

How does OpenVPN handle previously established connections?

Started using OpenVPN on my desktop computer and monitored the traffic with Microsoft network monitor. What I noticed, is that when the openvpn session is initialized, only connections established after this point are routed through the VPN. That is…
Stephen K
  • 111
  • 1
1
vote
1 answer

Tunnel Openvpn traffic through ssh?

I know similar question have been asked but none of them are explained thoroughly. I have setup a VPS and setup openvpn using https://github.com/Nyr/openvpn-install on tcp and port 443(I have access to limited open ports). Now I want to tunnel the…
aks
  • 11
  • 2
1
vote
1 answer

What's the drawback of enabling auth-nocache in OpenVPN?

Using a "default" configuration, OpenVPN clients show the following warning when connecting to a VPN server in red, attention-seeking letters: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent…
Heinzi
  • 3,088
  • 2
  • 23
  • 27
1
vote
3 answers

OpenVPN vs. Closed Source

We're getting push back from a third party (much larger company) over our decision to use OpenVPN to protect our AWS resources. Specifically, they're claiming that closed source is in general more secure than open source, a claim that is effectively…
rambler
  • 64
  • 3
1
vote
0 answers

Trouble Configuring OpenVPN

I'm trying to setup OpenVPN for a LAN, the OpenVPN server is sitting on 192.168.1.99 (Static assigned) on the LAN, the LAN gateway is 192.168.1.254 (ATT400 Router from AT&T), and the subnet is 255.255.255.0. If I run a hotspot through my Android…
John Ernest
  • 111
  • 2
1
vote
1 answer

Is there a good step by step troubleshooting resource to the common OpenVPN configuration error "TLS Error: TLS key negotiation failed"?

I'm setting OpenVPN for the first time [on a derivative of pfSense OPNSense] I see in my OpenVPN logs the message: "... TLS Error: TLS key negotiation failed ..." Research has showed me that this is the most common error encountered by new…
user1172468
  • 111
  • 3
0
votes
1 answer

How secure is this way to use open VPN

I have installed openVPN using the following link http://www.vpnbook.com/howto/setup-openvpn-on-ubuntu I would like to ask is it really secure . the password is available for everyone and the configuration files also are public so can I consider…
Fat Mind
  • 101
  • 1
0
votes
2 answers

Secure and fast communication between 2 VM's

I'm posed with a situation where i am uncertain which way to go. We have 2 Virtual Machines set up at a host that'll act as a webserver and a database server. Obviously, both will have to communicate with eachother. Now currently the way that it's…
Jdeboer
  • 23
  • 3
0
votes
0 answers

Not able to view a webpage or connect to a service on a VM connected using OpenVPN, only able to perform Nmap scans

I've tried asking this question in hack the box forum, but nothing has worked so far. When I connect to a vulnerable machine using a tunneled IP using OpenVPN, all I'm able to do to a box is scan it (which is working fine), irrespective of the…
Karan Bakshi
  • 3
  • 2
1
2