Project

General

Profile

Actions

Todo #13189

closed

Input validation should reject the combination of DCO and P2P mode

Added by Jim Pingle about 1 month ago. Updated about 13 hours ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Release Notes:
Force Exclusion

Description

DCO has issues with OpenVPN's peer-to-peer mode (tunnel network /30-/32) and we should prevent that combination of settings.

It looked like it might work at first but as the DCO implementation in OpenVPN has evolved it's having issues because P2P mode can't negotiate the necessary parts for DCO.

It works fine with client/server mode (e.g. /24 tunnel network).

The only way to tell the difference is by the size of the tunnel network so we can't hide things automatically, but we can detect it on save and also note the limit in the GUI.

Actions #1

Updated by Jim Pingle about 1 month ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions #2

Updated by Jim Pingle about 1 month ago

  • Status changed from Feedback to In Progress

Still needs a note under the IPv4 tunnel network fields about this not being compatible.

Actions #3

Updated by Jim Pingle about 1 month ago

  • Status changed from In Progress to Feedback
Actions #4

Updated by Jim Pingle about 1 month ago

  • Release Notes changed from Default to Force Exclusion
Actions #5

Updated by Jim Pingle about 13 hours ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF