lambda.cx blog Sharing notes with the internet
Posts with the tag openvpn:

Creating a VPN Gateway with OpenBSD 6.7

The Problem Say you have an account with a VPN provider. Maybe there are a limit to how many connections you can have with one account. Maybe you want to put more machines than you have connections on the account. Or maybe you want to put a large number of machines of the connection, maybe some FreeBSD Jails, LXC containers, or VMs, and you don't want to download the VPN profiles, sign in and configure them all individually.

Issues with OpenVPN on OpenBSD 6.7

EDIT: (August 22, 2020) Theo Buehler has kindly reached out to me and informed me that this issue has just been fixed in a syspatch, and that OpenVPN now works correctly. Hi. Regarding https://blog.lambda.cx/posts/openvpn-issues-openbsd/, the issue you describe in this post should be fixed in 6.7-stable. It boils down to this: ProtonVPN appears to require clients to use P-521 for the TLSv1.3 key exchange. Released versions of OpenVPN do not permit customizing the curve to use for the key exchange (they added a –tls-groups option in their dev branch).