[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?

  • Subject: [Openvpn-users] how tight can i firewall off the openvpn ip addresses and still expect it to work?
  • From: Jon Bendtsen <jon.bendtsen@xxxxxxxxxx>
  • Date: Thu, 8 Jul 2004 11:12:50 +0200
I'm running openvpn 2.0 beta7.

i use the server mode, and still uses the ip addresses suggested in the release notes 2.0.

"# The server's virtual endpoints
ifconfig 10.8.0.1 10.8.0.2

# Pool of /30 subnets to be allocated to clients.
# When a client connects, an --ifconfig command
# will be automatically generated and pushed back to
# the client.
ifconfig-pool 10.8.0.4 10.8.0.255"

i would prefer having a tight firewall, such that the clients can _ONLY_ talk to the vpn gateway and not each other.

does that mean access between addresses
10.8.0.1 	+	10.8.0.6
10.8.0.1 	+	10.8.0.8
10.8.0.1 	+	10.8.0.10
10.8.0.1 	+	10.8.0.12
10.8.0.1 	+	10.8.0.14
...


or are the 10.8.0.2, and .5 used for anything?
(apparently it doesnt use ip 3 and 4, maybe because i already used it for some other computer?
or is it because of ifconfig-pool 10.8.0.4 10.8.0.255 in the config file?
but why .4, and not .3 ?



JonB


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users