(re-sent with proper reply-to: ... sorry about the mess. Hope it will be now)
On 11/06/14 00:12, Mike Josh wrote: > > OpenVPN is not a peer-to-peer VPN solution (by design). > > This means that I cannot tell Alice's client to communicate directly > with Bob's? That is correct. All traffic must go via the OpenVPN server. > I'm not saying that each instance of OpenVPN should be both, a client > and a server. I'm talking about a central server that authorises clients > and then allows them to communicate with each other directly. That is what a peer-to-peer network approach would enable, quite related to mesh networking. Which OpenVPN does not support at all. > > if security is the top priority then a central server model through > which all traffic flows does offer the best security > > I want to understand why. Can you point me to a resource? Something > easy, I'm a beginner in this stuff. If a client can communicate to any clients directly without going via the server, the server cannot impose any policies or firewall rules on the VPN traffic between the clients. If the traffic must go via the server, the server can block unwanted services on the VPN. -- kind regards, David Sommerseth -- -- kind regards, David Sommerseth ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
