Serge Wautier wrote:
> The OpenVPN HOW-TO suggests a method using a firewall to restrict clients
> access to parts of the network. I wonder if it will work in this case: Will
> the firewall be triggered for packets transmission over the local (VPN)
> subnet ? I don't think so.
>
AFAIK, all traffic coming from one client to another passes through the OpenVPN server. So your firewall rules would be able to filter this traffic easily. There was already a discussion on this list requesting that OpenVPN would be a full mesh VPN. If it was, then one client would be able to connect directly to the other, without passing through the server. But I don't know if this was implemented. If it was like this, then certainly you would need the filter you are willing to implement. But, the way it is now, you don't need it.

My regards,

--
Giancarlo Razzolini
Linux User 172199
Moleque Sem Conteudo Numero #002
Slackware Current
OpenBSD Stable
Snike Tecnologia em Informática
4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85