Re: [Openvpn-users] vpn question

On Thu, Mar 11, 2004 at 10:01:49AM -0800, lonnie@xxxxxxxxxx wrote:
> 1.) Closed Services - After a client machine establishes an OpenVPN connection with a server
> machine then I am wondering if it is possible to basically close off all traffic from the client
> machine to/from the basic internet from all ports except the VPN such that ALL of the client
> (TCP/IP, UDP) traffic goes through the server machine?
Yes, it's called --redirect-gateway and it's all over the documentation!
You also need to set --route-gateway if you set --redirect-gateway.
See http://openvpn.sourceforge.net

> 2.) Semi-Opened Services - On the Server side, you would want the clients to be able to establish a
> "Closed Services" connection to the server, but the server also needs to be able to maintain the
> client VPN connections while still having access to the Internet and the standard stuff as well.

This is what I have.  You could do complex access control with a
firewall (hint: run your server on Linux) by making rules that apply
to individual or all tap devices (for example).
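
Added example, not part of the original message or of the OpenVPN documentation: one way to express the per-tap-device access control suggested in the reply above, as a POSIX shell function that prints iptables commands for review instead of applying them. The interface name eth0, the policy names and the function name are assumptions; IP forwarding and any NAT are assumed to be configured separately.

```shell
#!/bin/sh
# Added example: print iptables commands for an OpenVPN server, keyed on
# tap device names. Nothing is applied; review the output, then run it as root.
#
# Usage: gen_tap_rules WAN_IF DEV=POLICY [DEV=POLICY ...]
#   POLICY (hypothetical names):
#     internet - client on DEV may reach the Internet through the server
#     isolated - client on DEV gets no forwarding at all
gen_tap_rules() {
    wan=$1
    case $wan in
        ''|*[!A-Za-z0-9._-]*) echo "bad WAN interface" >&2; return 1 ;;
    esac
    shift

    rules=''
    for spec in "$@"; do
        dev=${spec%%=*}
        policy=${spec#*=}
        # Accept only literal tapN names so input cannot inject rule text.
        case $dev in
            tap[0-9]|tap[0-9][0-9]) ;;
            *) echo "bad device: $dev" >&2; return 1 ;;
        esac
        case $policy in
            internet) rules="${rules}iptables -A FORWARD -i $dev -o $wan -j ACCEPT
" ;;
            isolated) ;;  # no rule: traffic falls through to policy DROP
            *) echo "bad policy: $policy" >&2; return 1 ;;
        esac
    done

    # Default-deny forwarding; allow replies to connections already accepted.
    # "tap+" is the iptables wildcard for every tap device: clients are never
    # forwarded to each other, whatever their individual policy.
    printf '%s\n' \
        'iptables -P FORWARD DROP' \
        'iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        'iptables -A FORWARD -i tap+ -o tap+ -j DROP'
    printf '%s' "$rules"
}

# Constructed sample input: tap0 may use the server as its gateway, tap1 may not.
gen_tap_rules eth0 tap0=internet tap1=isolated
```

The server's own Internet access is untouched because only the FORWARD chain is changed; traffic the server itself originates goes through OUTPUT.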


