Menu
▾
▴
RE: [Openvpn-users] openvpn-2.0_beta4 --mode server in Bridged configuration
|
From: Bendtsen, J. <Jon...@la...> - 2004-06-14 09:46:54
|
-----Original Message----- From: ope...@li... on behalf of Adam = Pavelec Sent: Mon 6/14/2004 7:14 AM To: Mathias Sundman Cc: ope...@li... Subject: Re: [Openvpn-users] openvpn-2.0_beta4 --mode server in Bridged = configuration =20 Mathias Sundman said the following on 6/13/2004 2:58 PM [EST]: > You can use either tap or tun with "--mode server", but as you want to = > bridge you will need to use tap. > > Yes, you cannot use pre-shared keys with "--mode server". > > Do you have to create the certificates on a Windows machine, or do you = > just want to know how to create certificates that can be used on a=20 > windows machine? > > If you can create the certs on a linux machine, the easiest way is to=20 > use the scripts included with openvpn in the easy-rsa directory. See=20 > the README file for more info. > > On Windows, I don't know! I don't necessarily _have_ to create the certs on a Windows box, but it=20 would definitely be convenient. I'll give it a shot with my OpenBSD VM=20 at work tomorrow. In the meantime, am I correct to assume that all I=20 will need to do with my config is remove the --secret line and replace=20 it with the appropriate --tls-server, --cert, etc. information (IOW,=20 nothing else /other/ than what's related to how the client = authenticates)? =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D sorry for not using the proper "> " but the imap server is down, and i = have to use this lousy webmail. Anyway, you can use openssl.exe on windows to create the certificates. You can hack the easy-rsa scripts from the easy-rsa dir in the source = code, og steal them from the webpage. I have made some changes and additions to these scripts, such that i = create a .zip file for every user containing: openssl-installer-windows.exe some scripts to change passphrase protecting the certificate the users certificate a script for easy installment of the openvpn config file, certificate, = ... i run my stuff on linux though. JonB |
