[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] OpenVPN and iptables


  • Subject: Re: [Openvpn-users] OpenVPN and iptables
  • From: Lindsay Haisley <fmouse@xxxxxxx>
  • Date: Thu, 15 Nov 2007 12:11:56 -0600

This really doesn't need iptables at all.  svnserve has an option,
--listen-host=host (host may be either an IP address or a resolvable
name).  Make sure OpenVPN assigns a consistent address to the tap IF and
make sure this option is given to to the subversion daemon when it's
instantiated.

On Wed, 2007-11-14 at 18:12 -0500, Britain Crooker wrote:
> We have Subversion running on the same server that has OpenVPN on it.
> I would like to come up with some way to say "only allow clients to
> connect to Subversion if they are connected via the VPN".
>  
> Our configuration file is:
>  
> port 1194
> proto udp
> dev tap
>  
> ca ca.crt
> cert server.crt
> key server.key
> dh dh1024.pem
>  
> server 10.8.0.0 255.255.255.0
> ifconfig-pool-persist ipp.txt
> push "redirect-gateway def1"
> push "dhcp-option DNS 10.8.0.1"
> keepalive 10 120
> tls-auth ta.key 0 # This file is secret
> comp-lzo
> max-clients 4
> user nobody
> group nobody
> persist-key
> persist-tun
> status openvpn-status.log
> log-append  openvpn.log
> verb 4
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users
-- 
Lindsay Haisley       | "Everything works    |     PGP public key
FMP Computer Services |       if you let it" |      available at
512-259-1190          |    (The Roadie)      | http://pubkeys.fmp.com
http://www.fmp.com    |                      |


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users