OpenVPN bridged network without authentication












1















I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:



dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1


Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.










share|improve this question


















  • 1





    Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.

    – roaima
    May 9 '15 at 17:23
















1















I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:



dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1


Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.










share|improve this question


















  • 1





    Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.

    – roaima
    May 9 '15 at 17:23














1












1








1








I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:



dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1


Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.










share|improve this question














I would like to configure OpenVPN multi-client server in bridged mode(tap virtual interface). My server-side configuration is following:



dev tap0
proto udp
port 1194
mode server
ifconfig-pool 10.10.1.97 10.10.1.98 255.255.255.192
management 127.0.0.1 1194
auth none
log-append /var/log/openvpn.log
verb 1


Now when I start the OpenVPN server I receive the --mode server requires --tls-server error message and server does not start. Is it mandatory to use TLS with multi-client bridged mode? For example it is possible to set up point-to-point L3(tun interface) VPN's without authentication and encryption.







openvpn






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Apr 27 '15 at 16:12









MartinMartin

3792571137




3792571137








  • 1





    Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.

    – roaima
    May 9 '15 at 17:23














  • 1





    Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.

    – roaima
    May 9 '15 at 17:23








1




1





Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.

– roaima
May 9 '15 at 17:23





Is that "without either authentication or encryption", or "without authentication but with encryption"? Your last clause is ambiguous.

– roaima
May 9 '15 at 17:23










1 Answer
1






active

oldest

votes


















0














As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.



I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f198933%2fopenvpn-bridged-network-without-authentication%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.



    I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...






    share|improve this answer




























      0














      As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.



      I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...






      share|improve this answer


























        0












        0








        0







        As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.



        I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...






        share|improve this answer













        As I understand it, OpenVPN is a TLSv1 SSL Tunnel designed to create secure point to point connections, so if you didnt want authentication or encryption you would simply connect to the machines' public IP.



        I have setup OpenVPN several times and when testing we use no authentication and self-signed SSL certificates. This is by far the easiest way to setup OpenVPN. If you setup your keychain with a revocation list, you can disable access to a client using the revocation list. Here is some info you can use to generate the self-signed certificate...







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered May 3 '15 at 19:16









        ir0hir0h

        32114




        32114






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f198933%2fopenvpn-bridged-network-without-authentication%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            How to make a Squid Proxy server?

            Is this a new Fibonacci Identity?

            19世紀