Setting Up OpenVPN on pfSense for TLS 1.2 servers
Hey I've got proper working connections to different AirVPN servers but these are all non-TLS servers. I am now trying to setup a TLS connection, to Castor. I've generated the config and downloaded the new tls-crypt.key file. I assume I need to use that instead of the "ta.key", that used to go into the TLS KEY field where I'd previously pasted the ta.key? Other than that, I'm not sure what other settings I need to change. I've enabled logging to verbose 5 but I'm not getting a lead to what
Your title is misleading. TLS 1.2 has been in use for some time. tls-crypt is what's new. Paste in the tls-crypt.key info into the key field, and then below it select the option for authentication and encryption. Then also change the auth digest to SHA512. that should be what you need to connect. If you aren't already doing it, you should also see performance improvement using AES-256-GCM as data cipher vs CBC
