OpenVPN Support Forum

I was just wondering because on my Windows 7 system these entrys are in my OpenVPN configuration:

dh xxx_cert/dh1024.pem
cipher AES-128-CBC

But in Ubuntu 10.10 NetworkManager Applet 0.8.1 "dh xxx_cert/dh1024.pem" is missing.

The funny thing is I entered the path to the "dh1024.pem" key manually in NetworkManager but I could never get a connection. When I imported my Windows 7 configuration file into NetworkManager i got immediately a connection but without the "dh1024.pem" key.

My questions:
Is it secure to establish a VPN connection without the "dh1024.pem" key?
Is it normal to do so or a NetworkManager bug?

The dh1024.pem file is used only for setting up an OpenVPN server ; it is not used on the client side. The NetworkManager is used for managing client connections, not server connections, hence the dh1024.pem support is missing.

IIRC, it's not even possible to run openvpn as a client when the line 'dh dh1024.pem' is present.

Thanks janjust,
your answer really helped me.

"IIRC, it's not even possible to run openvpn as a client when the line 'dh dh1024.pem' is present."
That was my problem with Ubuntu. I wonder why it worked with Windows though.

Does this mean I can delete the "dh xxx_cert/dh1024.pem" entry in my Windows Configuration?
And the entry "tls-auth xxx_cert/tls.key 1" from my other VPN provider too?

tls-auth *IS* useful, but 'dh dh1024.pem' cannot be used on the client side.

Thanks again janjust. Topic can be closed.

HOTDOG wrote:Thanks again janjust. Topic can be closed.

Sure, done by request.

That said,

20:19 < Dougy> !ubuntu
20:19 <@vpnHelper> "ubuntu" is dont use network manager!