|
|
On Mon, 01 Aug 2005 18:49:26 +0200, Luciano L. Mannucci wrote: > I'm getting a message saying "Assertion failed at mtcp.c:411" in the log > and the openvpn server program exits. This happens when two computers > coming through the same natting firewall try to use the same > certificate, thus getting the same IP address. I am assigning IP > addresses via ccd and I use TCP instead of UDP. This thing is very bad > because it leads to Denial Of Service attack. First, for any production system you should have a solution in place to restart the OpenVPN service (like other critical processes) whenever it exits. I use runit [http://smarden.org/runit/] for this purpose. Second, your client systems should use the "nobind" directive in their config files. Are they doing so presently? I don't intend to imply by any of the above that the behaviour you're observing doesn't constitute a bug. ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |