|
|
On Thursday 08 July 2004 04:12, Jon Bendtsen wrote: > I'm running openvpn 2.0 beta7. > > i use the server mode, and still uses the ip addresses suggested in the > release notes 2.0. > > "# The server's virtual endpoints > ifconfig 10.8.0.1 10.8.0.2 > > # Pool of /30 subnets to be allocated to clients. > # When a client connects, an --ifconfig command > # will be automatically generated and pushed back to > # the client. > ifconfig-pool 10.8.0.4 10.8.0.255" > > i would prefer having a tight firewall, such that the clients can > _ONLY_ talk to the vpn gateway and not each other. This happens by default. Client-to-client communication is only allowed when the "client-to-client" config file directive is used. > does that mean access between addresses > 10.8.0.1 + 10.8.0.6 > 10.8.0.1 + 10.8.0.8 > 10.8.0.1 + 10.8.0.10 > 10.8.0.1 + 10.8.0.12 > 10.8.0.1 + 10.8.0.14 > ... > > > or are the 10.8.0.2, and .5 used for anything? > (apparently it doesnt use ip 3 and 4, maybe because i already used it > for some other computer? > or is it because of ifconfig-pool 10.8.0.4 10.8.0.255 in the config > file? > but why .4, and not .3 ? The skipped addresses represent the network and broadcast addresses for the tiny 4-address (/30) subnets which are allocated by ifconfig-pool for each tun client. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |