|
|
> But as we have to keep our hardware Firewall, > is it possible to have the VPN server on the > Intranet (only with 1 ethernet adapter 192.168.0.111) ? > I can open some ports on the firewall if needed. > If yes, what kind of configuration should I use ? This will work, you just have to open one udp port on your firewall and forward it to your vpn server. the predefined port for openvpn is udp port 5000. It's recommended to protect the vpn server from the vpn itself as much as possible, because this is a second entry point from external to your office network. an example: if you only need access to your smtp + pop server in office, you can block everything except these tcp ports on your vpn server from the vpn, so that if you have a worm that spreads via Windows RPC (ports 135 - 139 + 445) it cannot move to your office. this can be done via iptables on your vpn server, or putting the vpn server in a dmz. regards dani ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |