OpenVPN - I've Got Some Questions?

Discussion in 'privacy technology' started by DasFox, Nov 7, 2010.

Thread Status:
Not open for further replies.
  1. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    With a vpn I'm using when I looked at the logs for OpenVPN I noticed this;

    OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

    I'm new to OpenVPN is this something setup on the server side? I have the OpenVPN GUI is there anything to be concerned with simply making a connection as a client?

    Also in the log I saw this;

    WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this

    Again something I need to worry about, something I need to set?

    With tls-auth, if I make a key;

    openvpn --genkey --secret ta.key

    In the client configuration, add:

    tls-auth ta.key 1

    Is this going to make the client side for me more secure connecting to the server?

    I downloaded openvpn-2.1.3-install.exe and it looks like this;

    http://openvpn.se/screenshots.html

    When you click on the HowTo the software looks like this;

    http://openvpn.net/index.php/openvp...-to-a-vpn-server-with-the-openvpn-client.html

    So what's the deal with that nicer looking GUI one, is that the latest beta?

    One last question, it said in the setup to right click the icon for Win7 and check it to run as an admin, but I'm running under a admin account in Win7 do I still need to check this, because I didn't.


    THANKS
     
  2. hierophant

    hierophant Registered Member

    Joined:
    Dec 18, 2009
    Posts:
    854
    I can't help re Windows, because I now use Ubuntu VMs for VPNs. Running OpenVPN 2.1.0 i486-pc-linux-gnu with the stock XeroBank config files, I see "NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables". I don't believe that's relevant for this.

    OTOH, I don't see anything re "memory" or "password". And I don't know tis-auth.
     
  3. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    Ok, next hehe... :)


    THANKS
     
  4. raidershog

    raidershog Registered Member

    Joined:
    Jul 31, 2010
    Posts:
    21
    Sorry that I didn't answer your question sooner but I needed to dig-up some old references before I "stuck my neck out"!

    I presently run Vista 32-bit on a laptop & Windows 7 64-bit on my desktop. I first ran OpenVPN when I still had XP Professional; however I first learned about the new "quirks" regarding Vista after I bought my laptop. The following is a cut/paste of an old reference that is STILL valid & also (obviously) applies to Windows 7. Because of UAC I always "install" ANY new program with "Administrator" rights--the old "right-click". Again, the following cut/paste will better explain WHY OPenVPN needs to be both "installed" & "launched" by right-clicking to "Run as Administrator":

    The biggest problem with Vista and OpenVPN is one of administrator rights. In trying to protect Vista from malicious software, a new feature called 'UAC' has been added. It prevents software from launching with administrator privileges even if you are logged in as the administrator. This feature can affect your ability to successfully run OpenVPN, in a few ways. Upon installation of the software, it can prevent proper installation of the TAP driver -- which is essential to OpenVPN. Even if installed with administrator rights, it can prevent the software from obtaining enough rights to create a connection. A typical error often seen in the OpenVPN log when using Vista often looks something like this:

    Mon May 19 18:44:45 2008 Route addition via IPAPI failed [adaptive]
    Mon May 19 18:44:45 2008 Route addition fallback to route.exe
    The requested operation requires elevation.

    This error is telling the user that the application does not have enough rights to add the route.

    The solution to all problems regarding OpenVPN and Vista can be resolved by following the steps below:

    1) Use OpenVPN version 2.1 or later

    2) When installing OpenVPN on Vista, always right click on the file and use the 'install as admin' option

    3) Always right click and run OpenVPN as administrator


    I HOPE this helps!! :thumb:
     
  5. DasFox

    DasFox Registered Member

    Joined:
    May 5, 2006
    Posts:
    1,825
    I realize now after using OpenVPN in Linux that these are all command line arguments that you can place after running openvpn in the command line, so I understand them now.

    By the way on Windows 7 I'm running my desktop with an Admin account so I just installed and ran OpenVPN and I never had to right click anything to run as an Admin and everything works fine. :)


    THANKS
     
Loading...
Thread Status:
Not open for further replies.