From: Bradley A. <st...@tu...> - 2003-10-26 21:28:28
Hi,

I'm about to set up a firewall with OpenVPN on it. One of the functions of said firewall will be to allow select remote users to connect to services behind the firewall. The thing is that up to and including 1.4.3, I have always been able to connect one session to a single port, e.g. the remote machine connects to port 5000, another connects to 5001 and so forth.

Is there a way that I can set up a pool of OpenVPN sessions, say a block of 10 ports that can be connected to by anyone coming in with a valid certificate?

For instance, say there are 20 people set up with openvpn and certificates. With 1.4.x, I would have two choices. 1) Set up 20 ports on the firewall, and maintain 20 config files; or 2) overlap port/cert combinations and hope the overlappees don't need in at the same time.

What I'd like to do would be to set up something similar to a modem pool, and let people dial in up to capacity. How difficult would this be with OpenVPN?

Thanks,
--
--Brad
========================================================================
Bradley M. Alexander                |
gTLD SysAdmin, Security Engineer    | storm [at] tux.org
Debian/GNU Linux Developer          | storm [at] debian.org
========================================================================
Key fingerprints:
DSA 0x54434E65: 37F6 BCA6 621D 920C E02E E3C8 73B2 C019 5443 4E65
RSA 0xC3BCBA91: 3F 0E 26 C1 90 14 AD 0A C8 9C F0 93 75 A0 01 34
========================================================================
A Purple Heart just goes to prove that were you smart enough to think
of a plan, stupid enough to try it, and lucky enough to survive.
                --Murphy's Laws of Combat