[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Exclusive gateway with openvpn and windows.

  • Subject: [Openvpn-users] Exclusive gateway with openvpn and windows.
  • From: Ewan Bhamrah Harley <ewan@xxxxxxxxxxxxxxx>
  • Date: Wed, 29 Dec 2004 21:09:50 -0000

As has been pointed out before by many people (including, I think, me)
openvpn can't fully support an IPSec style exclusive gateway, but it can
emulate this very effectively using a combination of routing rules and a
decent firewall. 

The routing setup is already in openvpn but not the firewall part (not a
complain't, it's beyond openvpn's scope). 

I have scripts for linux which will set up a suitable IPTables config when
the openvpn tunnel is initiated and restore the original IPTables config
when the tunnel is torn down. I'm now trying to set up a similar setup for

To do this I'm looking for a third party firewall for windows - open source
by preference but proprietry and/or commercial solutions are acceptable -
that can be configured by a script called from openvpn. The most recent
versions of the XP firewall may be able to do this but I'm looking for a
more general solution - specifically it must work with both XP and W2k. As
well as being scriptable, the firewall must support interface specific

Wipfw looks like one possible solution but I'm looking for other other
firewalls that might suit. Any suggestions are welcome. 


Openvpn-users mailing list