Date: May 9, 2021
We use OpenVPN extensively with RADIUS or LDAP authentication. tls-crypt is used in all cases. Because… reasons. pfSense: Has this feature exposed in the GUI and working fine for years. OPNsense: Has the feature not exposed in the GUI. But this is not necessarily a big deal because an admin can easily paste the relevant … Read More
Date: May 9, 2021
This is an issue that no doubt has brought many people to look at OPNsense again or for the first time. WireGuard has enjoyed increasing popularity in the last year or so. Due to its stateless nature it performs really well on mobile devices that may switch between LTE, 5G, WiFi networks. There is no … Read More
Date: September 13, 2020
What ? We want Wireguard clients to connect to a middleman box that will route out to the internet via an OpenVPN client. Why ? Some of our sites have poor performance to the OpenVPN server. Wireguard clients are more seamless and battery/resource saving on mobile devices. We have a Wireguard server in a datacenter … Read More
Date: February 10, 2019
Categories:
FreePBX,
OpenVPNIssue: On an install of FreePBX 14 with responsive firewall and OpenVPN server enabled there is no mitigation against brute force attacks against the OpenVPN server. /var/log/messages is getting spammed with failed handshakes: Feb 3 16:17:19 voipserver234 openvpn: Sun Feb 3 16:17:19 2019 103.37.x.x:49060 TLS: Initial packet from [AF_INET]103.37.x.x:49060, sid=6a22eb44 5adb63fe Feb 3 16:17:19 voipserver234 … Read More