@Bambos said in HEADS UP: OpenVPN deprecating shared key mode, requires TLS, deprecating cipher selection:
for the remote access VPN, if is SSL/TLS + User auth, does this working with freeradius as well ?
I'm using FreeRadius myself for the captive portal.
Never tried to do this ... 😊
You probably want also see this one also : FreeRadius on pfSense software for Two Factor Authentication although I presume that article was written for those who wanted to "why do things the easy way if much harder is so much better ?"
@Bambos said in HEADS UP: OpenVPN deprecating shared key mode, requires TLS, deprecating cipher selection:
i have many 2.6 versions clients to upgrade
Keep in mind that 2.6.0 uses the "old" (now completly ditched because of security) OpenVPN (and now also old OpenSSL !!) libaries.
The recent pfSense uses the more modern OpenVPN and OpenSSL.
All this means that some options won't work anymore.
Some more options will work, but will be depreciated soon (as usual).
I Use OpenVPN myself, so I always have a look at the "source" : web pages like this and the classic openvpn support forum.
The OpenVPN client also changed to support the newer OpenVPN server.
And yes, I agree, syncing the entire openvpn user fleet can be a hassle.