On 06/04/17 17:11, Илья Шипицин wrote:
> Usually, you can bind to certain interface and forward packets by
> firewall from other interfaces
> 
> On 6 Apr 2017 at 19:41, "Kor Korrd"
> <kor.korrd+open...@gmail.com <mailto:kor.korrd%2bopen...@gmail.com>>
> wrote:
> 
>     Hi,
> 
>     is it possible for the Server part to listen on more than one specific
>     interface but not on all interfaces?

No.  Currently that is not possible in OpenVPN.  Some of the core
developers are looking into resolving this, but it has turned out to be
quite hard to resolve and fix properly.  So this is still being worked
on, but we have no ETA for this.

What most users do is to listen to all interfaces and only open up the
port in the firewalling.  Some have chosen a different path using NAT to
forward packets from one IP/interface to the one OpenVPN is listening
to.  But some have needed to also add --multihome in the OpenVPN to
make this work.

For most of our OpenVPN users, only opening up the OpenVPN port on specific
interfaces/IP addresses in the firewall is more than good enough from a
security perspective, and really simple to achieve without too much
trouble.  But YMMV.


-- 
kind regards,

David Sommerseth
OpenVPN Technologies, Inc
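
A sketch of the firewall approach described in the reply above, added here as an example that is not part of the original email or of OpenVPN's own tooling: a shell function that emits an iptables-restore fragment accepting the OpenVPN port only on named interfaces and dropping it everywhere else. The helper name `openvpn_fw_rules`, the interfaces, the protocol and the port are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the original email. OpenVPN listens on all
# interfaces (no "local" directive); the firewall decides which may reach it.
# openvpn_fw_rules is a hypothetical helper; eth0/eth1, udp and 1194 are
# constructed sample values.

# Usage: openvpn_fw_rules PROTO PORT IFACE...
# Prints an iptables-restore fragment; returns non-zero on invalid input.
openvpn_fw_rules() {
    [ "$#" -ge 3 ] || { echo "usage: openvpn_fw_rules PROTO PORT IFACE..." >&2; return 1; }
    proto=$1; port=$2
    shift 2

    case $proto in udp|tcp) ;; *) echo "bad proto: $proto" >&2; return 1 ;; esac
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "bad port: $port" >&2; return 1; }

    # Validate every name before printing anything, so a bad argument never
    # yields a partial ruleset and nothing unexpected lands in the rule text.
    for ifc in "$@"; do
        case $ifc in
            ''|[!A-Za-z0-9]*|*[!A-Za-z0-9_.-]*)
                echo "bad interface: $ifc" >&2; return 1 ;;
        esac
        # Linux interface names are at most 15 characters.
        [ "${#ifc}" -le 15 ] || { echo "bad interface: $ifc" >&2; return 1; }
    done

    echo '*filter'
    for ifc in "$@"; do
        echo "-A INPUT -i $ifc -p $proto --dport $port -j ACCEPT"
    done
    # The same port arriving on any other interface is dropped.
    echo "-A INPUT -p $proto --dport $port -j DROP"
    echo 'COMMIT'
}

# Sample run with constructed values; prints the fragment to stdout.
openvpn_fw_rules udp 1194 eth0 eth1
```

To append the fragment to a running ruleset instead of replacing the filter table, pipe it to `iptables-restore --noflush`; where the rules land relative to existing INPUT rules still matters.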


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel