[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Iptables: match by OpenVPN client IP address rather than source address?


  • Subject: Re: [Openvpn-users] Iptables: match by OpenVPN client IP address rather than source address?
  • From: "Serge Wautier" <serge@xxxxxxxxxxx>
  • Date: Tue, 16 Jan 2007 09:16:01 +0100

They are embedded boxes running a proprietary OS based on a number of
commercial components (core OS, IP stack,...).
Neither Windows nor Linux.

Even though they don't implement PAT (yet), these boxes are very advanced in
what they do (industrial automation, data logging, protocol conversion,
alarming, web server and more). Just switching OS'es is not a realistic
solution. They will very likely add support for PAT in a mid term future but
we need a solution in a shorter timeframe.

Regards,

Serge.

> -----Original Message-----
> From: Erich Titl [mailto:erich.titl@xxxxxxxx] 
> Sent: mardi 16 janvier 2007 9:01
> To: Serge Wautier
> Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> Subject: Re: [Openvpn-users] Iptables: match by OpenVPN 
> client IP address rather than source address?
> 
> Serge
> 
> Serge Wautier wrote:
> > Erich, Les, thanks for your replies.
> > 
> > NAT won't work for me because the remote LANs contain servers. The 
> > goal is to let users access their servers in their remote LANs.
> > IP Masquerading won't work either for the same reason 
> (er... Is this true?
> > I'm a complete newbie to Linux!).
> > 
> > Port Forwarding is what I need. Unfortunately... The boxes used as 
> > OpenVPN clients on the remote LANs don't support it! Please 
> don't tell 
> > me to get rid of them: I'm doing this job on behalf of these boxes' 
> > manufacturer :-) It's a niche market in industrial 
> automation and telemetry.
> 
> What OS are they running? If it is anything like Linux, you 
> should not have a problem. With Windoze this might be 
> different, but who would actually choose M$ for a networking 
> job.... If they are embedded boxes there are a number of 
> Linux or *BSD distros that have a small footprint.
> Actually I am running all my OpenVPN boxes on embedded systems.
> 
> cheers
> 
> Erich
> 
> 

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users