James Yonan wrote:
* Connecting clients can now have a client-specific
configuration on the server, based on the client
common name embedded in the client certificate.
See --client-config-dir and --client-connect.
These options can be used to configure client-specific
This is very, very cool.
* Added an option --client-to-client that enables
internal client-to-client routing or bridging.
Otherwise, clients will only "see" the server,
not other connected clients.
I had a weird idea the other day: how hard would it be for OpenVPN to
use _two_ tun interfaces on the server instead of one, with all received
traffic coming into one of them and all outbound traffic going out the
other? This would alleviate the need for OpenVPN to do routing/bridging
at all (the host OS could still do it), but still keeps the number of
interfaces down. It also allows the host to do filtering between the
connected clients, without needing an interface for each connected client.
Openvpn-users mailing list