Tom Eastep wrote:
> [email protected] wrote:
>> Hi,
>> I have set up vpn rules for openvpn, rules are working between vpn
>> clients and the lan
>> however, all traffic is allowed between vpn clients (and I did not set up
>> routeback option in zones) !!
>
> If you are using a routed OpenVPN configuration, don't specify
> 'client-to-client'; that will cause the OpenVPN server to route between
> the clients internally.
>
>> and finally the link of mark zonzon regarding selective communication
>> between openvpn clients is dead in the docs.
>
> I've removed the link.

I also changed the 'and' at the end of the first bullet to 'or' since
either of those measures will allow client-to-client communications.
'client-to-client' is preferred because it is more efficient. Using
'routeback' allows you to control client-to-client traffic by setting the
vpn->vpn policy to REJECT and adding the appropriate vpn->vpn ACCEPT rules.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
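
The 'routeback' approach described in the reply above, as an added example that is not part of the original thread or of the Shorewall documentation. It assumes a routed OpenVPN server on interface tun0, a zone named vpn, the four-column interfaces layout (ZONE INTERFACE BROADCAST OPTIONS), and constructed client addresses in 10.8.0.0/24.

```conf
# --- OpenVPN server.conf (routed/tun setup) ---
# Leave 'client-to-client' out. With it present, the OpenVPN server
# forwards between clients internally and the firewall never sees
# that traffic, so no vpn->vpn policy or rule can filter it.
dev tun
server 10.8.0.0 255.255.255.0      # constructed example subnet
;client-to-client                  # deliberately disabled

# --- /etc/shorewall/zones ---
#ZONE   TYPE
vpn     ipv4

# --- /etc/shorewall/interfaces ---
# 'routeback' lets packets that arrive on tun0 be routed back out
# through tun0, which is the path client-to-client traffic takes
# once the OpenVPN server is no longer forwarding it internally.
#ZONE   INTERFACE   BROADCAST   OPTIONS
vpn     tun0        -           routeback

# --- /etc/shorewall/policy ---
# Default-deny between VPN clients, with logging of rejected packets.
#SOURCE DEST    POLICY  LOG LEVEL
vpn     vpn     REJECT  info

# --- /etc/shorewall/rules ---
# Explicit exceptions to the vpn->vpn REJECT policy.
# Addresses and ports below are constructed for illustration.
#ACTION SOURCE              DEST                PROTO   DEST PORT(S)
ACCEPT  vpn:10.8.0.6        vpn:10.8.0.10       tcp     22
ACCEPT  vpn:10.8.0.0/24     vpn:10.8.0.10       tcp     443
```

Client addresses must be stable for host-based rules like these to hold, for example by assigning them per client on the OpenVPN side.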
