|
|
On Thursday 02 March 2006 13.16, you wrote: > Den torsdag 2.mar kl. 12:55 skrev Per-Olov Sjöholm: > > Hi > > > > Is is possible to force a block of VPN clients in the central OpenVPN > > concentrator that are using old and vulnerable versions of openvpn? > > > > I ask as I have problems to get feedback of which clients that have > > done the > > requested upgrade. For example I want to reject connections of all > > clients > > before version 2.0.5... Is it possible in any way? If not, it could > > be a good > > feature request. > > I would have said yes there is such a version, but i can not seem to > find it right now. > However, you might possibly do something using the --client-connect > scripts if the > version is even reported as a variable. It does NOT appear like it is > that in those > old outputs i have from running a --client-connect script. > > I think it was > "--disable-occ > Don't output a warning message if option inconsistencies are > detected between peers. An example of an option inconsistency would > be where one peer uses --dev tun while the other peer uses --dev tap. > > Use of this option is discouraged, but is provided as a > temporary fix in situations where a recent version of OpenVPN must > connect to an old version. " > > that made me think that there was an option. (the above is taken from > manpage for beta 2.1 series) > > > However, dont worry, i have a suggestion that i think will work very > well. Simply > revoke the certificate and sent them a new VPN package complete with > a new > openvpn version. > > > > > JonB Don't get it... But I will try to find more info about "--disable-occ". Revoke the cert and give out a new one together with a new software package is not an option for 160 users.... Any one with more info regarding this issue? Thanks /Per-Olov ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users Warning: require_once(../../../archive_common.php) [function.require-once]: failed to open stream: No such file or directory in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-03/msg00012.html on line 238 Fatal error: require_once() [function.require]: Failed opening required '../../../archive_common.php' (include_path='/usr/local/lib/php') in /home/openvpn/domains/openvpn.net/public_html/archive/openvpn-users/2006-03/msg00012.html on line 238 |