|
|
Tanya Mamedalin <tmamedalin@xxxxxxxxxxxxxxx> said: > Hi - > > I am curious to know how others have dealt with unsecured vpn clients attaching to their networks. My main concern is that a remote client won't have the proper ip filters on and may start transiting traffic to my network. Which is why I would prefer that all traffic be directed through the vpn network when the client attaches. However, the obvious problem is that if the remote client default-routes everything through the vpn the original connection to the public ip of the vpn server will break. > Furthermore on various Windows flavors I've noticed that I can add 2 different 0.0.0.0/0 routes and some traffic will go one way and other traffic the other. Tanya, Take a look at --redirect-gateway for tunneling all traffic through the VPN. One suggestion I've seen on making sure clients are secured before they connect to the VPN is to have the --tls-verify script on the server nmap the client before approving the connection. James ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2003-12/msg00004.html on line 200 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2003-12/msg00004.html on line 200 |