Sunny,
On Tue, Aug 01, 2006 at 10:10:29AM -0500, Sunny wrote:
> Do I need to run 2 instances of openvpn? Do I have to use different
> tun devices?
Yes, you have to:
- if you are using "mode p2p" on your existing setup, you must
add a second config, as this mode allows only one (!) connection at a
time.
- if you are already using "mode server" your current firewall might be
a client (just think of the "remote ..." option). In this mode your
process can be either the client or the server!
> Also, can I use one and the same server key for both firewalls? What
> about the client certificates (I have client cert. for me to connect
> to production firewall).
Yes, if you are using preshared keys (or secrets) this will be
technically OK. But if you are using these keys on all your configs you
might get a problem if this key is compromised.
I would suggest that you use certificates with one cert per client.
Best regards,
Klaus
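
As an added illustration (not part of the original message or thread): two separate "mode p2p" configs on one host, each with its own tun device, port and static key, so that a compromised key affects only one tunnel. File names, addresses, ports and key paths are constructed assumptions.

```conf
# ---- prod-fw.conf (hypothetical file name) ----
# Tunnel to the production firewall; one openvpn process per p2p peer.
mode p2p
# Dedicated tun device for this instance
dev tun0
proto udp
# Port used by this instance only
port 1194
# Constructed peer address (documentation range)
remote 192.0.2.10
# Local and remote tunnel endpoint addresses (constructed)
ifconfig 10.8.0.1 10.8.0.2
# Static key shared with this peer only
secret /etc/openvpn/keys/prod-fw.key

# ---- second-fw.conf (hypothetical file name) ----
# Tunnel to the second firewall, run as a second openvpn process.
mode p2p
# Different tun device, so the two instances do not collide
dev tun1
proto udp
# Different port from the first instance
port 1195
remote 198.51.100.20
ifconfig 10.9.0.1 10.9.0.2
# Separate key: a leak here does not expose the first tunnel
secret /etc/openvpn/keys/second-fw.key

# Certificate-based alternative for one side of a tunnel (replaces the
# "secret" line; the peer uses tls-client and its own cert/key pair):
#   tls-server
#   ca   /etc/openvpn/pki/ca.crt
#   cert /etc/openvpn/pki/this-host.crt
#   key  /etc/openvpn/pki/this-host.key
#   dh   /etc/openvpn/pki/dh.pem
```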
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users