|
|
Mathias Koerber wrote: > > b) But I realize that OpenVPN only supports Basic and NTLM proxy > authentication, which would leave that proxy vulnerable when the > passwords gets sniffed. Actually, NTLM is resistant to sniffing. Also - what's wrong with "allow from"? Why not drop requiring authentication, and just restrict it to the appropriate IP addresses? Finally, if you actually control the server, why not just run OpenVPN directly on it, and route via it to the other sites? i.e. client - > router-instead-of-proxy->end server -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00061.html on line 197 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2005-12/msg00061.html on line 197 |