|
|
Using beta14 with mucho success between FreeBSd and XP. No
having to muck with anything, it just works. Like good software
should.
So then to "dream" a bit...
a) I'm considering using openVPN in an ISP environment. However,
I need someway to "authenticate" incoming connections via Radius,
so that all my auth methods are tied together, using Radius
for the common denominator...
Perhaps it's possible to do somehitng is certificates are used,
and extract something out of the comments and pass it off to a script,
but it'd be cool if it could be integrated into OpenVPn directly.
Or get access to the MAC address assigned to the tap device, maybe
use it as a key of somekind... Not rock solid, but would help.
b) Single port-support. Topic, horse, dead, beat. But still, I want it.
c) A way to download configuration info to the client from a "central"
server. ie, perhaps a user could connect with a "prelminary" connection
and get the cert, authenticate, then the server could pass back info
such as IP address, or maybe bandwidth shaper info. Maybe even
eventually things like firewall rulesets or somesuch.
d) It would be good if the "server" could shape incoming traffic
as well as outgoing. Perhaps using something like RED, or GRED, or
somesuch. That way I could set clients to say, 256k, but have
a hard limit in the server of 384k, just in case somebody modifies
their config. Of course, some of this can be done with ipfw rulesets
in FreeBSD, and perhaps that's the best way, but that gets trickier
if/when the single-port support is there...
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|