Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN

    2.0-RC Snapshot Feedback and Problems - RETIRED
    3
    4
    1337
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      freetomfr last edited by

      Hi everyone, I have a problem with server certificate verification when i establish a connection.

      It's work well but I have a waring in the log file :

      No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.

      This problem can result to man in the middle attacks.

      I saw that I have to use the remote-cert-tls server parameter but in order to do this I also have to build a server-only certificate.

      The user interface of pfSense don't seems to allow this. What is the solution to solve this problem?

      Thanks

      1 Reply Last reply Reply Quote 0
      • F
        freetomfr last edited by

        No one can help me?

        1 Reply Last reply Reply Quote 0
        • S
          scoop last edited by

          The pfSense GUI (from 1.2.3 at least) doesn't provide you with PKI (CA and certificate) management tools. You will have to create your own, either on Unix or Windows depending on your environment. There are many ways to do this, but I suppose the easiest way is to stick with the utilities that are provided with OpenVPN. You can read a bit more about it in the documentation here.

          1 Reply Last reply Reply Quote 0
          • C
            cmb last edited by

            You already have a server certificate, just add that to the client configuration. That'll be added to the client export before release.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense Plus
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy