Search the Community
Showing results for tags 'link-mtu'.
-
OpenVPN Warning: tun-mtu and link-mtu used inconsistently
nosuchthing posted a question in VPN Linux Support
When I launch my .ovpn configuration with: "sudo openvpn --config TorGuard.TCP.ovpn" I receive three warnings that I am having trouble fixing. Although I do have a connection that seems to work well. I rather not have any warnings. WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1560', remote='link-mtu 1592' WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532' and WARNING: file 'auth.txt' is group or others accessible Here is my TorGuard.TCP.ovpn file contents. client dev tun redirect-gateway def1 proto tcp # The xxxx are replaced with whichever country remote xxxxx.torguardvpnaccess.com 995 resolv-retry infinite nobind persist-key persist-tun ca ca.crt remote-cert-tls server cipher AES-256-CBC auth-user-pass auth.txt comp-lzo verb 1 reneg-sec 0 auth-nocache ;link-mtu 1592 ;tun-mtu 1532 user nobody group nobody dhcp-option DNS 10.23.0.1 To address the first two warnings, I though to add the link-mtu 1592 and tun-mtu 1532 to match the remote server, but recieved an error that I can't specify both. So I kept the link-mtu 1592 and took out the tun-mtu 1532. This configuration seemed to work the best because I no longer have the first two warnings, but a new one: WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1532) How should I configure my link-mtu and tun-mtu with warnings and what would be a good way to secure my auth.txt file to remove the the group accessibility? Thank you for your time.