No matter how many routes you publish on your config, people
connected to your network with OpenVPN will always have the ability of
creating new routes through the tunnel.
So, even if you dont publish routes to your full network, you'd
better guarantee, in firewall rules, that people will only have the
access they really need.
Dont count on routes existing or not as a security measurement.
OpenVPN in routed mode - I need to apply a different set of routes
for 1 or 2 users; they are temp contractors who should only have
access to 2 IP addresses on a single subnet while the rest of use
have access to multiple systems on multiple routes. I saw in the
HowTo a way to do it w/ the Linux firewall but I'm using an
external firewall and not the firewall on the OpenVPN box.
Is there a way to do this w/ ccd? My first attempt locked my server
up until I could in to work this morning :(
Atenciosamente / Sincerily,
Minha armadilha de SPAM, NÃO mandem email
My SPAMTRAP, do not email it
Description: S/MIME Cryptographic Signature