Jump to content
Not connected, Your IP: 18.224.55.63
AirVPN
Sign in to follow this  
Followers 0
Air4141841

TLS keydir direction usage

By Air4141841, ... in General & Suggestions

Recommended Posts

Air4141841    24

Air4141841
Posted ...

Good Day,

with newer versions of pfsense the option is there to set the option to:
direction 1
direction 0
both
use default direction.

going forward what does Staff suggest we set this option too?


 

Share this post

Link to post

Staff    9972

Staff
Posted ...
@Air4141841

Hello!

key-direction 1 when you use TLS Auth key (i.e. you connect to entry-IP addresses 1 and 2).

Omit it when you use TLS Crypt (i.e. you connect to entry-IP addresses 3 and 4), because it's not pertaining to TLS Crypt.

For an explanation, look for secret file [direction]  and –key-direction in the manual https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/

If you run OpenVPN 2.4 or higher version, TLS Crypt is recommended because it encrypts the whole Control Channel, with the important side effect to make OpenVPN "fingerprint" not detectable by Deep Packet Inspection (some ISPs, when they detect OpenVPN "fingerprint", enforce traffic shaping).

Kind regards
 
nexsteppe, stupid are cocksure and Air4141841 reacted to this

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...