[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?

Subject: Re: [Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?
From: John Favorite <john.favorite@xxxxxxxxx>
Date: Thu, 8 Jul 2004 10:05:44 -0700

beat me to it

On Thu, 8 Jul 2004 09:52:47 -0700, John Favorite
<john.favorite@xxxxxxxxx> wrote:
> I beleive the only way to allow openvpn clients to see each other is
> to add -client-to-client or push/pull a route to them. Please someone
> correct me if I am wrong
> 
> 
> 
> On Thu, 8 Jul 2004 11:12:50 +0200, Jon Bendtsen <jon.bendtsen@xxxxxxxxxx> wrote:
> > I'm running openvpn 2.0 beta7.
> >
> > i use the server mode, and still uses the ip addresses suggested in the
> > release notes 2.0.
> >
> > "# The server's virtual endpoints
> > ifconfig 10.8.0.1 10.8.0.2
> >
> > # Pool of /30 subnets to be allocated to clients.
> > # When a client connects, an --ifconfig command
> > # will be automatically generated and pushed back to
> > # the client.
> > ifconfig-pool 10.8.0.4 10.8.0.255"
> >
> > i would prefer having a tight firewall, such that the clients can
> > _ONLY_ talk to the vpn gateway and not each other.
> >
> > does that mean access between addresses
> > 10.8.0.1        +       10.8.0.6
> > 10.8.0.1        +       10.8.0.8
> > 10.8.0.1        +       10.8.0.10
> > 10.8.0.1        +       10.8.0.12
> > 10.8.0.1        +       10.8.0.14
> > ...
> >
> > or are the 10.8.0.2, and .5 used for anything?
> > (apparently it doesnt use ip 3 and 4, maybe because i already used it
> > for some other computer?
> > or is it because of     ifconfig-pool 10.8.0.4 10.8.0.255       in the config
> > file?
> > but why .4, and not .3 ?
> >
> > JonB
> >
> > -------------------------------------------------------
> > This SF.Net email sponsored by Black Hat Briefings & Training.
> > Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
> > digital self defense, top technical experts, no vendor pitches,
> > unmatched networking opportunities. Visit www.blackhat.com
> > _______________________________________________
> > Openvpn-users mailing list
> > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > https://lists.sourceforge.net/lists/listinfo/openvpn-users
> >
>

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

References:
- [Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?
  - From: Jon Bendtsen
- Re: [Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?
  - From: John Favorite

Prev by Date: Re: [Openvpn-users] Install Problem, OpenSSL Crypto headers not found
Next by Date: Re: Replying, WAS Re: [Openvpn-users] Windows installation package with GUI included
Previous by thread: Re: [Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?
Next by thread: [Openvpn-users] how to start openvpn in server mode with proto tcp
Index(es):
- Date
- Thread