Joined: 13 Aug 2013 Posts: 6870 Location: Romerike, Norway
Posted: Sun Oct 15, 2017 16:03 Post subject:
There is no difference in the certificates between tun and tap.
With tun, there have to be different sub-nets on both sides, while tap needs the same on both sides.
FIRMWARE:OpenWrt SNAPSHOT r8217-2cc821e / LuCI Master (git-18.276.41146-280dd33) MODEM:ARRIS SURFBoard SB8200 ROUTER:Linksys WRT32X USB NAS:Western Digital BLACK 1 TB Hardrive + Startech USB 3.0 External SATA III Enclosure
I followed the steps outlined by jxm (thank you sir) and have 2 questions.
(1) For some reason, my .pem file was created as : "dh4096.pem" and stored in the easy-rsa/keys folder.
Does this mean that OpenVPN will use 4096 bit encryption? I wanted to try and set this up using 2048 encryption so I could do side by side speed tests using my 1900ACv2 and a PiVPN setup I have been using.
(2) If the dh4096.pem is the instruction that tells openvpn to use 4096 encryption, where in the setup process did I go wrong, if my desire is to use 2048 bit encryption?