[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] bridging, shared certs question

  • Subject: [Openvpn-users] bridging, shared certs question
  • From: Frank Sweetser <fes@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 31 Jan 2005 21:23:49 -0500

I have a couple of questions:

1) We're considering deploying openvpn with a single client cert shared among
the users, with username and password authentication.  Given that each user has
access to the private key used by other users, does this mean that each user
would be able to decrypt the traffic from other users tunnels?

2) In TAP mode, the openvpn process has to effectivly act as a software bridge.
What does it do with ethernet broadcasts - discard them, or flood them to all
connected clients?

Frank Sweetser fs at wpi.edu
WPI Network Engineer
GPG fingerprint = 6174 1257 129E 0D21 D8D4  E8A3 8E39 29E3 E2E8 8CEC

Openvpn-users mailing list