Todo #13189: Input validation should reject the combination of DCO and P2P mode - pfSense Plus - pfSense bugtracker

Actions

Copy link

Todo #13189

closed

Input validation should reject the combination of DCO and P2P mode

Added by Jim Pingle almost 2 years ago. Updated almost 2 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

OpenVPN

Target version:

22.05

Start date:

Due date:

% Done:

100%

Estimated time:

Release Notes:

Force Exclusion

Description

DCO has issues with OpenVPN's peer-to-peer mode (tunnel network /30-/32) and we should prevent that combination of settings.

It looked like it might work at first but as the DCO implementation in OpenVPN has evolved it's having issues because P2P mode can't negotiate the necessary parts for DCO.

It works fine with client/server mode (e.g. /24 tunnel network).

The only way to tell the difference is by the size of the tunnel network so we can't hide things automatically, but we can detect it on save and also note the limit in the GUI.

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Plus

Custom queries

Todo #13189

Input validation should reject the combination of DCO and P2P mode

Updated by Jim Pingle almost 2 years ago

Updated by Jim Pingle almost 2 years ago

Updated by Jim Pingle almost 2 years ago

Updated by Jim Pingle almost 2 years ago

Updated by Jim Pingle almost 2 years ago