|
|
On Tue, Jun 01, 2004 at 01:32:25PM +0100, Miika Keskinen wrote: > >my very personal feature requests ;-) > >- as stated in the past: dropping down the routes into the direct > > connected network would make the VPN more secure. > > > > > If I understood what you mean --redirect-gateway does that. No, in short: Assumed you are in a cusomer's LAN and have 1.1.1.1/24 on your ethernet. If you have openvpn up and running (included redirected gatway), you still have a route to 1.1.1.0/24 via your local ethernet interface. So, your client will be connected both to the (trusted) VPN and the (untrusted) customer's LAN at the same time. > Radius for authentication is poor and vulnerable choice. iirc > http://www.untruth.org/~josh/security/radius/radius-auth.html this > explained some of them. Interesting reading. Rainer ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |