5. OpenVPN

OpenVPN

  • F

    Hi everyone, I have a problem with server certificate verification when i establish a connection.

    It's work well but I have a waring in the log file :

    No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.

    This problem can result to man in the middle attacks.

    I saw that I have to use the remote-cert-tls server parameter but in order to do this I also have to build a server-only certificate.

    The user interface of pfSense don't seems to allow this. What is the solution to solve this problem?

    Thanks

    0
  • F

    No one can help me?

    0
  • S

    The pfSense GUI (from 1.2.3 at least) doesn't provide you with PKI (CA and certificate) management tools. You will have to create your own, either on Unix or Windows depending on your environment. There are many ways to do this, but I suppose the easiest way is to stick with the utilities that are provided with OpenVPN. You can read a bit more about it in the documentation here.

    0
  • C

    You already have a server certificate, just add that to the client configuration. That'll be added to the client export before release.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy