|
|
On Fri, 04 Feb 2005 15:39:05 -0500, Francois Meehan wrote: > Thanks all for the replies. I do have a crl so I have this covered but > this rise another question, if I want to give access back again to that > individual, or if I there are user for which I want to regulate/control > their vpn acces, their is no other mean that to revoke-grant certificates? If you revoke a certificate, you need to regenerate to give access back. There are certainly other, more temporary ways of removing a user's access, however. > Maybe a better example: I have consultants working remotely, I want them > to have access during normal work hours and I have other users that can > come in by Openvpn at any time... How can I manange this? Well, you could use a tls-verify script to deny the CNs of the consultants outside regular work hours, or a client-config-dir with ccd-exclusive, or you could use the "disable" directive for client-config-dir files. You'd also want to either restart the OpenVPN server or use the management interface to kill all consultants' connections at the end of business hours if you don't want consultants who connected during business hours to be able to stay connected afterwards. ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-02/msg00092.html on line 198 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-02/msg00092.html on line 198 |