[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Re: [Openvpn-devel] OpenVPN 2.0 -- Project Update and Release Notes

  • Subject: Re: [Openvpn-users] Re: [Openvpn-devel] OpenVPN 2.0 -- Project Update and Release Notes
  • From: "Kevin P. Fleming" <kpfleming@xxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 31 Mar 2004 07:22:11 -0700

James Yonan wrote:

Basically OpenVPN 2.0 is a router.  It gets packets from a single tun
interface and uses the destination address on the packet to determine which
client to route it to.  So what should the router do if a packet comes from a
client and has as its destination address another client?  Some people would
want to block this capability and other would want to allow it.  If you block
it, connecting clients can only see the central server's network.  If you
allow it, one client could browse file shares on another client.

Is it safe to assume that OpenVPN 2.0 will still support the multiple-tun-interface model that's being used now? My OpenVPN server has four remote connections, and I need to use iptables (Linux) rules to control routing between them. I don't want to allow unrestricted routing between them, nor do I want them to be restricted to only communicating with the server and the networks behind it.

Openvpn-users mailing list