Key mismatches

OpenVPN offers extra protection for its TLS control channel in the form of HMAC keys. These keys are exactly the same as the static "secret" keys used in Chapter 1, Point-to-Point Networks, for point-to-point style networks. For multi-client style networks, this extra protection can be enabled using the tls-auth directive. If there is a mismatch between the client and the server related to this tls-auth key, then the VPN connection will fail to get initialized.

Getting ready

Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. For this recipe, the server computer was running CentOS 6 Linux and OpenVPN 2.3.11. The client was running Fedora 22 Linux and OpenVPN 2.3.11. Keep ...

Get OpenVPN Cookbook - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

OpenVPN Cookbook - Second Edition by Jan Just Keijser

Key mismatches

Getting ready

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly