[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] vpn ip adresses that are public

  • Subject: Re: [Openvpn-users] vpn ip adresses that are public
  • From: Maximilian Wilhelm <max@xxxxxxxxxxx>
  • Date: Thu, 11 Oct 2007 22:22:53 +0200

Am Thursday, den 11 October hub Steffen Heil folgendes in die Tasten:


> I have backported openvpn2.1-rc4 to debian etch and that works for me.

> Finally I got the connection, based on Maximilian Wilhelm's [heavily modified] 
> configuration. (THANKS)

Would you mind to share the changes?

> However, there are some questions left:

> 1. Is there a way to configure openvpn to accept UDP and TCP connections for 
> the same IP pool?
> (Such as "proto both", using UDP for UDP clients and TCP for TCP clients)

I don't know of any.

> 2. Is there a way to configure IPs based the the certificate used to connect? 
> (client1 should always get the same Ip..)

Have a look into the docs about 'ccd'

> 3. What is the second IP of "ifconfig" in mode "dev tun" used for? The first 
> is the server IP, the client ips are taken from the pool...

| --ifconfig l rn
|     Set TUN/TAP adapter parameters. l is the IP address of the local
|     VPN endpoint.
|     For TUN devices, rn is the IP address of the remote VPN endpoint.
|     For TAP devices, rn is the subnet mask of the virtual ethernet segment
|     which is being created or connected to.

    The latter also fit's for 'topology subnet'.

> 4. Is there a way to restrict access so certain certificates instead of any 
> certifiacte of a certain CA?
OpenVPN mailing lists