Hi,
It would be great if it would be possible to configure some more advanced settings for OpenVPN directly via options in the GUI rather than using the "Advanced configuration" field. I am thinking of GUI options reflecting the following OpenVPN config options:
Is there anything planned? Also OpenVPN running as unpriviledged user would be superb :)
I鈥檒l work on this as time permits.
The client export also includes "--comp-lzo" which has been depreciated. The new method is "--compress [algorithm]".
+1 for this. Please ;-)
Security wise, these are very good controls to have. Some do not have a good way of implementing using the free form advanced settings box. Good as in, fully included in config backups / restores, or OpenVPN client config exports.
Should the TLA-AUTH feature be replaced by TLS-CRYPT or be choosable as an alternative ?
i need this feature also very desperately, so i perhaps community could help on this (if desired) ?
tls-auth and tls-crypt should coexist as selectable options. One does not deprecate the other. You can only use one of them at a time. If nothing else, they should both remain as options for backwards compatibility with pre-existing setups.
@AdSchellevis maybe you have incentive to work on this earlier, for now I'll have to push to 19.7
@fichtner I have no plans for this at the moment, move further is certainly fine.
Hello,
I also need tls-crypt option for more security.
At this time I run my openvpn-server on my raspberry!
+1 on tls-crypt, without it it's really a pain
It would be nice to have this feature implemented.
Btw, there is a workaround:
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
key data here
-----END OpenVPN Static key V1-----
</tls-crypt>
Hi, we are planning to migrate all our pfsense boxes ( 30 boxes aprox. ) to opnsense because we found opnsense better but this "missing" ui feature for openvpn is quite annoying we have to say, would be really appreciated if this is done in the next release
Please think about those one too :
We can provide openvpn conf files to help
sorry for my english !
Most helpful comment
It would be nice to have this feature implemented.
Btw, there is a workaround: