Trying TLS for the first time, I am getting an error in VyOS and Vyatta.
As I do not know why and the consequences of this error, I wonder if there is anything that I can do.
Using gnomint to generate certificates. Using 4096 for certificates and dh-file (paranoia with NSA).

Active point is VyOS
openvpn vtun1 {
    description casa-intradata
    local-address 10.1.200.85 {
    }
    local-host xxx.xxx.201.100
    local-port 1195
    mode site-to-site
    remote-address 10.1.200.86
    remote-host xxx.xxx.253.9
    remote-port 1195
    tls {
        ca-cert-file /config/auth/mydomain.com.cer
        cert-file /config/auth/casa.mydomain.com.cer
        dh-file /config/auth/dh4096.pem
        key-file /config/auth/casa.mydomain.com.key
        role passive
    }
}
vyos@fw# commit
[ interfaces openvpn vtun1 ]
WARN: could not open database for 4096 bits. Skipped
[edit]
vyos@fw#

Passive point is Vyatta
openvpn vtun1 {
    description intra-casa
    local-address 10.1.200.86 {
    }
    local-host xxx.xxx.253.9
    local-port 1195
    mode site-to-site
    remote-address 10.1.200.85
    remote-host xxx.xxx.201.100
    remote-port 1195
    tls {
        ca-cert-file /config/auth/mydomain.com.cer
        cert-file /config/auth/intradata.mydomain.com.cer
        key-file /config/auth/intradata.mydomain.com.key
        role active
    }
}
vyatta@R-intra# commit
[ interfaces openvpn vtun1 ]
WARN: could not open database for 4096 bits. Skipped
[edit]
vyatta@R-intra#