From: Jan M. <las...@gm...> - 2007-01-29 03:08:09
|
They would have the same privelages as a user connecting via a random ethernet interface into your machine: it's all a matter of how you firewall it. All you're basically doing is making a virtual network with a virtual ethernet switch, connected to a virtual ethernet adapter called tun0 :-) To linux, they are an outsider. The only way they can access any resources on the server is if you let them connect to the port the service is being hosted on. Hope this helps, Jan On 29/01/07, mac...@gm... <mac...@gm...> wrote: > > I understand that the vpn clients aren't logged in. I was just wanting to > make sure that they would have the same privileges (and not more) as users > on the servers local network. Would the vpn clients be restricted by the > software firewall on the server if trying to access other resources on the > server? > > Thanks, > Josh > > On 1/28/07, Dave <de...@zi...> wrote: > > > > > > > > -----Original Message----- > > *From:* ope...@li... [mailto: > > ope...@li...] *On Behalf Of * > > mac...@gm... > > *Sent:* Sunday, January 28, 2007 5:54 PM > > *To:* ope...@li... > > *Subject:* [Openvpn-users] OpenVPN Security > > > > My company is looking at running OpenVPN on a Linux server that would > > also be running the apache web server and handling our email. They wanted to > > do this so that road warriors can access out local network. Their only > > concern was how secure this would be. Could the vpn clients have access to > > files on the server? The vpn clients should only have as much access to the > > server and its files as a user on our local network would. They thought the > > client might have more access because it is "inside" the server. Let me know > > what you think. > > > > Thanks, > > Josh > > > > > > The VPN clients aren't logged into the server under a user account like > > you might with say ssh or something -- rather it's the raw network packets > > that are being transported to the VPN server, and the server then > > forwards them on to the destination like a router would. > > > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share > your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > > _______________________________________________ > Openvpn-users mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/openvpn-users > > > |