[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] different settings for just 1 or 2 users

  • Subject: Re: [Openvpn-users] different settings for just 1 or 2 users
  • From: Leonardo Rodrigues Magalhães <leolistas@xxxxxxxxxxxxxx>
  • Date: Fri, 26 Oct 2007 12:00:35 -0200

No matter how many routes you publish on your config, people connected to your network with OpenVPN will always have the ability of creating new routes through the tunnel.

So, even if you dont publish routes to your full network, you'd better guarantee, in firewall rules, that people will only have the access they really need.

   Dont count on routes existing or not as a security measurement.

nobledark@xxxxxxxxxxxx escreveu:

OpenVPN in routed mode - I need to apply a different set of routes for 1 or 2 users; they are temp contractors who should only have access to 2 IP addresses on a single subnet while the rest of use have access to multiple systems on multiple routes. I saw in the HowTo a way to do it w/ the Linux firewall but I'm using an external firewall and not the firewall on the OpenVPN box.

Is there a way to do this w/ ccd? My first attempt locked my server up until I could in to work this morning :(


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia

	Minha armadilha de SPAM, NÃO mandem email
	My SPAMTRAP, do not email it

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature