Arkadiusz Patyk <a...@areq.eu.org> said: > Hi > > Two very significant things for me are: > 1. In my configurations, VPN users have different rights to resources > (access list on firewall - iptables). I have to know client IP to > correctly setup firewall, how can i do this in 2.x ? How can i > achieve this, in case of dynamic IP assignment
You can use the --ipchange script which is passed the common name and source IP address every time a client connects. I probably need to add a new environmental variable that contains the dynamically allocated --ifconfig-pool subnet. > 2. Is it possible to run few servers (each of them on their own tap) > on the same machine? Yes, it is possible to run many '--mode server' servers on the same machine, each having their own tun interface (tap interfaces are not supported yet in --mode server mode). This would be a good way to differentiate access rights for different client classes. James > -- > Arkadiusz Patyk [areq(at)pld-linux.org] [http://rescuecd.pld-linux.org/] > [IRC:areq ICQ:16231667 GG:1383] [AP3-6BONE] [AP14126-RIPE] > > > ------------------------------------------------------- > This SF.Net email is sponsored by: IBM Linux Tutorials > Free Linux tutorial presented by Daniel Robbins, President and CEO of > GenToo technologies. Learn everything from fundamentals to system > administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click > _______________________________________________ > Openvpn-users mailing list > openvpn-us...@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users > --
