by Bootalito » Fri Jan 17, 2020 2:31 am
It's been a while, but I just wanted to respond to help other people out in the future that aka's solution was the final solution
Code: Select all
auth-user-pass /bootmedia/configs/pass.txt
with pass.txt being a two line text file with the OpenVPN auth user name on the first line and the password on the second line.
i.e.
Code: Select all
OpenVPNUserName
SomeComplexPassword
I can confirm that WTWare 5.8.50/Rpi is working very well providing remote access for our office manager connecting to a pfsense router (v2.4.4-RELEASE-p3) via OpenVPN configured in the most secure way humanly possible (4096bit DH paramter, AES-256-GCM, only available in the most recent version of OpenVPN, using mode: "SSL/TLS + User Auth" with TLS key mode "TLS Encryption and Authentication". The raspberry pi is mounted to the back of a monitor via a VESA mount.
If the devs would like, I could provide a full write up with screen shots and pictures that they could use to update the documentation (especially the OpenVPN documentation page, which is really lacking) on how to provide a fully secure remote access station for an employee. Please let me know if this is something WTWare would find useful and I'll make some time to provide
It's been a while, but I just wanted to respond to help other people out in the future that aka's solution was the final solution
[code]auth-user-pass /bootmedia/configs/pass.txt[/code]
with pass.txt being a two line text file with the OpenVPN auth user name on the first line and the password on the second line.
i.e.
[code]OpenVPNUserName
SomeComplexPassword[/code]
I can confirm that WTWare 5.8.50/Rpi is working very well providing remote access for our office manager connecting to a pfsense router (v2.4.4-RELEASE-p3) via OpenVPN configured in the most secure way humanly possible (4096bit DH paramter, AES-256-GCM, only available in the most recent version of OpenVPN, using mode: "SSL/TLS + User Auth" with TLS key mode "TLS Encryption and Authentication". The raspberry pi is mounted to the back of a monitor via a VESA mount.
[b]If the devs would like, I could provide a full write up with screen shots and pictures that they could use to update the documentation (especially the OpenVPN documentation page, which is really lacking) on how to provide a fully secure remote access station for an employee. Please let me know if this is something WTWare would find useful and I'll make some time to provide[/b]