Menu
▾
▴
[Openvpn-users] Re: Answering on the same interface where the request came from
|
From: Charles D. <cd...@sp...> - 2005-02-23 10:00:29
|
On Wed, 23 Feb 2005 11:46:06 +0200, Doncho N. Gunchev wrote: > While possible, this leads to other problems - I can not monitor my VPN > clients (can't say this host has one of these IPs to Nagios) Eh? Can't Nagios support DNS? Script up your OpenVPN instances to register both reverse and forward DNS for connecting clients. > have to write every firewall rule multiple times (and if we get > connected to one more IPS/Partner...) Hrm? Not sure I follow. You're running both the OpenVPN instances on the same machine and same port; why would you need additional firewall rules? > must guess/check last client's IP if I need to ssh there. Once again, using dynamic DNS will fix this. > Is it possible to bind openvpn (maybe 2.1) to multiple addresses > like > BIND, SQUID, Apache and many others can? Sure you can bind to multiple addresses, but in UDP mode you don't have a guarantee that the answer will be on the same IP as the source. > PS: I *can* assign each VPN client additional unique IP, route it > via OpenVPN on connect and monitor that subnet but... it gets much > more complicated. I wouldn't bother. |
