Software update: OpenVPN 2.0 beta 8

OpenVPN is a robust and easy to configure SSL VPN daemon that allows several private networks to be linked together through an encrypted tunnel over the internet. For security, the OpenSSL library is used with which all encryption, authentication and certification can be handled. Recently, the development team released version 2.0 beta 8 and provided this release notes and the following changelog†

Version 2.0 beta8:

• Added TCP support in server mode.
• Added PKCS #12 support (Mathias Sundman).
• Added patch to make revoke-crt and make-crl work seamlessly within the easy-rsa environment (Jan Kiszka).
• Modified –mode server ethernet bridge code to forward special IEEE 802.1d MAC Groups, ie 01:80:C2:XX:XX:XX.
• Added –dhcp-renew and –dhcp-release flags to Windows version. Normally DHCP renewal and release on the TAP adapter occurs automatically under Windows, however if you set the TAP-Win32 adapter Media Status property to “Always Connected”, you may need these flags.
• Added –show-net standalone flag to Windows version to show OpenVPN’s view of the system adapter and routing tables.
• Added –show-net-up flag to Windows version to output the system routing table and network adapter list to the log file after the TAP-Win32 adapter has been brought up and any routes have been added.
• Modified Windows version to add routes using the IP Helper API rather than by calling route.exe.
• Fixed bug where –route-up script was not being called if no –route options were specified.
• Added –mute-replay-warnings to suppress packet replay warnings. This is a common false alarm on WiFi nets.
• Added “def1” flag to –redirect-gateway option to override the default gateway by using 0.0.0.0/1 and 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of overriding but not wiping out the original default gateway. (Thanks to Jim Carter for pointing out this idea).
• You can now run OpenVPN with a single config file argument. For example, you can now say “openvpn config.conf” rather than “openvpn –config config.conf”.
• On Windows, made –route and –route-delay more adaptive with respect to waiting for interfaces referenced by the route destination to come up. Routes added by –route should now be added as soon as the interface comes up, rather than after an obligatory 10 second delay. The way this works internally is that –route-delay now defaults to 0 on Windows. Previous versions would wait for –route-delay seconds then add the routes. This version will wait –route-delay seconds and then test the routing table at one second intervals for the next 30 seconds and will not add the routes until they can be added without errors.
• On Windows, don’t setsockopt SO_SNDBUF or SO_RCVBUF by default on TCP/UDP socket in light of reports that this action can have undesirable global side effects on the MTU settings of other adapters. These parameters can still be set, but you need to explicitly specify –sndbuf and/or –rcvbuf.
• Added –max-clients option to limit the maximum number of simultaneously connected clients in server mode.
• Added error message to illuminate shell escape gotcha when single backslashes are used in Windows path names.
• Added optional netmask parm to –ifconfig-pool.
• Fixed bug where http-proxy connect retry attempts were incorrectly going to the remote OpenVPN server, not to the HTTP proxy server.

[break]The following downloads are ready:
source tarball
source zip
Windows Installer