Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 14 July 2020, 06:54:01 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14011 Posts in 4271 Topics by 6110 Members
Latest Member: eleolo
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  WARNING about Man in the middle attack (mitm)
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: WARNING about Man in the middle attack (mitm)  (Read 3421 times)
Jr. Member
Offline Offline

Posts: 4

« on: Monday 01 June 2015, 08:35:27 pm »

Running EFW (2.5) since a long time and working smoothly.

I almost rarely check OpenVPN server's log file but recently someone showed me this warning (OpenVPN client's log file).

WARNING: No server certificate verification method has been enabled see "openvpn.net/index.php/open-source/documentation/howto.html#mitm".

Then I checked server log file.

WARNING: file "/var/efw/openvpn/pkcs12.p12" is group or others accessible
WARNING: POTENTIALLY DANGEROUS OPTION --client-cert-not-required may accept clients which do not present a certificate

Did anyone noticed on EFW 2.5 or EFW 3.0?

Should I really care about those warnings? How can I do it to prevent them?

Thank you
Jr. Member
Offline Offline

Posts: 4

« Reply #1 on: Monday 01 June 2015, 08:39:42 pm »

Using PSK (username and password) method for OpenVPN.
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.027 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com