There's no reason to dish out multiple IP addresses. Using the static key configuration, you can only connect one client to the server at any time (unless you turn off the checks for that which is not recommended). Both endpoints have to know the IPs of both endpoints so that they can properly set the routing tables.
Once you use the central PKI (which, incidentally, we don't really need), then a range of IPs is specified in the configuration which the server then spews on request. Also, IPs can be mapped to certificates to enforce firewall rules- very cool (again, we don't need this). >> With the way I'm currently using OpenVPN I have to specify the local >> and remote IP address when starting the server and I have to specify >> the local and remote IP address when starting the client. >> > > The LAN IP address, that is. In the particular example that I've > been using, it's the IP addresses with 10.4.0.xxx |-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|- AgentM [EMAIL PROTECTED] |-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|- _______________________________________________ CWE-LUG mailing list [email protected] http://www.cwelug.org/ http://www.cwelug.org/archives/ http://www.cwelug.org/mailinglist/
