ThePiratkapten
New Around Here
Hi all!
I am currently setting up a site-to-site VPN between two ASUS RT-AC68U, latest stock firmware. The tunnel works fine but not when "Extra HMAC authorization" is set to bi-directional. If the same option is set to "Disable" or "Incoming (0)" it works. That is, only when not bi-directional my 'client' router can connect to my 'server' router. However, I can connect to the 'server' router with bi-directional enabled from my iPhone with the OpenVPN app. So it appears that it's just the client in the ASUS router that doesn't work bi-directional.
In both cases I use the .ovpn file you can download from the router's web UI.
I know an error message about HMAC authentication appeared in the system log on one of the routers, but I don't remember which one (I couldn't set it up again since the web UI for some reason won't allow me to even upload a .ovpn configuration file now with bi-directional).
I read in this thread that bi-directional gave no benefit over uni-directional. Why? And what does the phrase "the test is from client to server" mean?
In short, is bi-directional HMAC more secure, and if so, how can I make it work on the client on my ASUS router?
Thank you for reading!
I am currently setting up a site-to-site VPN between two ASUS RT-AC68U, latest stock firmware. The tunnel works fine but not when "Extra HMAC authorization" is set to bi-directional. If the same option is set to "Disable" or "Incoming (0)" it works. That is, only when not bi-directional my 'client' router can connect to my 'server' router. However, I can connect to the 'server' router with bi-directional enabled from my iPhone with the OpenVPN app. So it appears that it's just the client in the ASUS router that doesn't work bi-directional.
In both cases I use the .ovpn file you can download from the router's web UI.
I know an error message about HMAC authentication appeared in the system log on one of the routers, but I don't remember which one (I couldn't set it up again since the web UI for some reason won't allow me to even upload a .ovpn configuration file now with bi-directional).
I read in this thread that bi-directional gave no benefit over uni-directional. Why? And what does the phrase "the test is from client to server" mean?
In short, is bi-directional HMAC more secure, and if so, how can I make it work on the client on my ASUS router?
Thank you for reading!