OpenVPN bridged network without authentication
I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:
dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1
Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.
openvpn
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
add a comment |
I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:
dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1
Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.
openvpn
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
1
Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.
– roaima
May 9 '15 at 17:23
add a comment |
I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:
dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1
Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.
openvpn
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:
dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1
Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.
openvpn
openvpn
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
asked Apr 27 '15 at 16:12
MartinMartin
3792571137
3792571137
1
Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.
– roaima
May 9 '15 at 17:23
add a comment |
1
Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.
– roaima
May 9 '15 at 17:23
1
1
Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.
– roaima
May 9 '15 at 17:23
Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.
– roaima
May 9 '15 at 17:23
add a comment |
1 Answer
1
active
oldest
votes
As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.
I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...
answered May 3 '15 at 19:16
ir0hir0h
32114
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f198933%2fopenvpn-bridged-network-without-authentication%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.
I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...
answered May 3 '15 at 19:16
ir0hir0h
32114
add a comment |
As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.
I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...
answered May 3 '15 at 19:16
ir0hir0h
32114
add a comment |
As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.
I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...
answered May 3 '15 at 19:16
ir0hir0h
32114
As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.
I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...
answered May 3 '15 at 19:16
ir0hir0h
32114
answered May 3 '15 at 19:16
ir0hir0h
32114
answered May 3 '15 at 19:16
ir0hir0h
32114
answered May 3 '15 at 19:16
ir0hir0h
32114
32114
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f198933%2fopenvpn-bridged-network-without-authentication%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.
– roaima
May 9 '15 at 17:23