[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] OpenVPN 2.0-test20 released

  • Subject: Re: [Openvpn-users] OpenVPN 2.0-test20 released
  • From: "James Yonan" <jim@xxxxxxxxx>
  • Date: Sun, 11 Apr 2004 21:02:28 -0000

Mathias Sundman <mathias@xxxxxxxxxx> said:

> On Sat, 10 Apr 2004, James Yonan wrote:
> > 2004.04.10 -- Version 2.0-test20
> >
> > * --mode server capability now works with either tun
> >   or tap interfaces.  When used with tap interfaces,
> >   OpenVPN will internally bridge all client tap
> >   interfaces with the server tap interface.
> This is just awesome! Now OpenVPN got just about every feature I´ve
> dreamed about having in a VPN package. When we had a discussion on this
> list a few months ago about this kind of functionallity, I thought it
> would take years before you (or someone else) would accually write it!
> Thanks a lot!

There's nothing like actually getting paid to write free software to work
wonders on your productivity :)

> The only feature I´m still missing is either a build in firewall in
> the windows client, or maybe preferable a way to control an existing
> firewall software from OpenVPN.
> I'd like to have something like CheckPoint SecureClient have, so that when
> the client connect to the VPN server, the server push firewall rules to
> the client and verifies that they are applied before accepting the client.

If the firewall can be configured from the client shell, it should be possible
with scripting.  One way that the server could pass parameters to a
client-side script is with --push "setenv [variable] [value]".  A client side
script could then use those parameters from its environment to control its


Openvpn-users mailing list