Hi, On Mon, Jul 31, 2023 at 09:11:31PM +0200, Bo Berglund wrote: > On Mon, 31 Jul 2023 18:52:07 +0000 (UTC), Jason Long via Openvpn-users > <openvpn-users@lists.sourceforge.net> wrote: > > >What is the usage of the "client-to-client" and "iroute"? > > client-to-client: > if you would like connecting clients to be able to reach each other over the > VPN. By default, clients will only be able to reach the server.
This is not fully correct.
client-to-client means "the OpenVPN server will route packets between
clients directly". If this is not set, packets will be routed via the
Server's IP stack ("Linux tun interface"), so you can use iptables to
control connectivity between clients - but if iptables permit (and
"forward_ip" is enabled on the server!) clients can still talk.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
