|
|
On Tue, Jun 01, 2004 at 01:32:25PM +0100, Miika Keskinen wrote: > >my very personal feature requests ;-) > >- as stated in the past: dropping down the routes into the direct > > connected network would make the VPN more secure. > > > > > If I understood what you mean --redirect-gateway does that. No, in short: Assumed you are in a cusomer's LAN and have 1.1.1.1/24 on your ethernet. If you have openvpn up and running (included redirected gatway), you still have a route to 1.1.1.0/24 via your local ethernet interface. So, your client will be connected both to the (trusted) VPN and the (untrusted) customer's LAN at the same time. > Radius for authentication is poor and vulnerable choice. iirc > http://www.untruth.org/~josh/security/radius/radius-auth.html this > explained some of them. Interesting reading. Rainer ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2004-06/msg00004.html on line 198 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2004-06/msg00004.html on line 198 |