OpenVPN site-to-site with AES128bit Encryption

Arshan Awais
OpenVPN site-to-site with AES128bit Encryption

Hi;
I've followed this link http://www.arkf.net/blog/?p=231 to set up an OpenVPN site-to-site tunnel with Pre-Shared-Key between two Vyatta routers.
My config file looks like this on both routers:

openvpn vtun0 {
        local-address 192.168.100.1 {
        }
        mode site-to-site
        remote-address 192.168.100.2
        remote-host 10.0.0.4
        shared-secret-key-file /etc/openvpn/key.psk
    }

So far this setup is working great. All I want to do is add AES encryption to this tunnel. I've changed the config files for encryption:

openvpn vtun0 {
        encryption aes128
        local-address 192.168.100.1 {
        }
        mode site-to-site
        remote-address 192.168.100.2
        remote-host 10.0.0.4
        shared-secret-key-file /etc/openvpn/key.psk
    }

Do I need to generate another key for AES128, or will the shared-secret-key-file (which I think is for authentication) be used for AES too?

Arshan Awais
OpenVPN site-to-site with AES128bit Encryption

I've found this http://openmaniak.com/openvpn/openvpn_static_key.gif image and also "Vyatta_VPN_R6.3_v01.pdf" example 4-15 shows encryption & hashing options...
Can anyone suggest any method to ensure that AES128 is active on OpenVPN tunnel traffic?
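
One way to run the check asked about above, as an added example that is not part of the original posts: read the cipher-initialization lines OpenVPN writes to its log at startup and confirm both directions report the expected cipher. Assumptions: the log uses the OpenVPN 2.x wording `Cipher '<name>' initialized with <n> bit key`, Vyatta's `aes128` corresponds to OpenVPN's `AES-128-CBC`, the function names are hypothetical, and the sample log is constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed log format (OpenVPN 2.x), one
# line per direction:  ... Cipher 'AES-128-CBC' initialized with 128 bit key

# tunnel_ciphers LOGFILE: print "NAME BITS" for the two most recent cipher
# initialization lines, so entries from before a config change are ignored.
tunnel_ciphers() {
    sed -n "s/.*Cipher '\([^']*\)' initialized with \([0-9][0-9]*\) bit key.*/\1 \2/p" "$1" |
        tail -n 2
}

# check_cipher LOGFILE NAME BITS: succeed only if both the encrypt and the
# decrypt direction were initialized with the expected cipher and key size.
check_cipher() {
    want="$2 $3"
    found=$(tunnel_ciphers "$1")
    n=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        n=$((n + 1))
        if [ "$line" != "$want" ]; then
            echo "FAIL: tunnel initialized '$line', expected '$want'"
            return 1
        fi
    done <<EOF
$found
EOF
    if [ "$n" -ne 2 ]; then
        echo "FAIL: found $n cipher line(s), expected one per direction"
        return 1
    fi
    echo "OK: both directions use $2 with a $3 bit key"
}

# Constructed sample log: an earlier start with the default cipher, then a
# restart after 'encryption aes128' was added.
sample_log() {
    cat <<'EOF'
Mon Jan  3 10:00:01 2011 Static Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jan  3 10:00:01 2011 Static Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Jan  3 11:30:12 2011 Static Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jan  3 11:30:12 2011 Static Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan  3 11:30:12 2011 Static Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jan  3 11:30:12 2011 Static Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
EOF
}

log=$(mktemp)
sample_log > "$log"
check_cipher "$log" AES-128-CBC 128
rm -f "$log"
```

Run the same check on both routers: a static-key tunnel has no cipher negotiation, so each side only reports what its own configuration selected.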