Re: [Openvpn-users] 2.0 Feature Freeze Discussion

  • Subject: Re: [Openvpn-users] 2.0 Feature Freeze Discussion
  • From: Leonard Isham <leonard.isham@xxxxxxxxx>
  • Date: Fri, 3 Dec 2004 09:30:09 -0500

> > 1) At the moment user/pass is in addition to TLS certificate.  Could the
> > server perhaps optionally accept either the one or the other?
> >
> > 2) The ability for the server to listen on several ports and protocols.
> >
>     I would love to see this too. While playing with 2.0 betas I found that
> many ISPs have really strange ip filters - we have one that blocks almost
> any UDP, another that blocks tons of TCP ports but leaves UDP, some allow
> only proxy access (they really sux) and so on and so on... Having to run
> two servers (one for UDP and one for TCP) in separate ip pools makes
> management harder. Delaying this for 2.1 for me is OK too...

For option 1 this breaks security best practices and IMHO should not
be implemented.  I already used the soapbox for this in another post
so see that for my full argument.

Option 2 would be nice but I think that would need to wait for 2.1.

Leonard Isham, CISSP 
Ostendo non ostento.

