anges their connection while
working. I think we'll try blocking our internal IP ranges at the
servers first, it sounds like the easiest (and least complex)
solution at this time.
Great to see the ability to have both UDP and TCP connections in
a single config file now!
Daniel Johnson
===
In other words I don't want this to light up a VPN tunnel when it
is already inside our firewall.
Daniel Johnson
progman2...@usa.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAky8m9MACgkQ6vGcUBY+ge8hmwCfdkycczLNiFmYnWvWQCvOyO0V
sjYAn2R5Sn+fGOAxnW9hMMncTJng6YcH
=Oqjc
-END PGP SIGNATURE-
ot;alternate" (TCP), each of which points to a pair of
servers.
Any and all help appreciated!
Daniel Johnson
progman2...@usa.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAky8j64ACgkQ6vGcUBY+ge9v6wCgj64iwXxIRvEjWkdA5B88FD06
2pIAoLBXDUIvsHsrLyQqEE9qZm9RmqNz
=5fwH
-END PGP SIGNATURE-
ing
> at something it do not own, your patch is definitely more the
> correct approach.
It was already nulled at post-patch line 558. I think that the
additional NULLing makes the code more readable but strictly
speaking it is not necessary.
Daniel Johnson
progman2...@usa.net
-BEGI
K, I think I'm following you. It seems to me that the strdup()
isn't even needed for the no-match case, but I'm leaving it in
there lest I break something.
http://thor.chguernsey.com/temp/auth-pam.patch2
http://thor.chguernsey.com/temp/auth-pam.patch2.sig
Patch MD5: 50c9ba
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Daniel Johnson wrote on 2008-12-12:
> When I began testing OpenVPN v2.1_rc9 I was having trouble
> authenticating to the MS Active Directory through auth-pam and Samba.
> I used the following line in my configs (without the linebreak of
le for about ten seconds, then plug
it back in. The route will be gone. A wireless hiccup need not last
ten seconds to cause the same issue. I can understand why the current
Windows behavior is generally desireable but it really fouls things up
if you are depending on one of those routes.
D
t I'm pursuing a split-view DNS to report only the
internal address on that subnet. It should hide the effects of the
routing-loop problem until it can be properly resolved.
Daniel Johnson
progman2...@usa.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFKKSw66vGcUBY+ge8R
ireless network. Does OpenVPN do anything special with DNS
results to prefer local addresses? If not, can that be added easily?
Daniel Johnson
progman2...@usa.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFKKDfZ6vGcUBY+ge8RAjmUAJ9LyVDhyNyFyEtVJlNMcmsJmoP/KACfbkIQ
VPN-added routes first, or
2) Re-add/fix all OpenVPN-added routes first.
Either would work in my situation, but some people may want to
choose between the two.
Daniel Johnson
progman2...@usa.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFJefql6vGcUBY+
to correct this. I hope you find it useful,
http://thor.chguernsey.com/temp/auth-pam.patch (2kb)
http://thor.chguernsey.com/temp/auth-pam.patch.sig
MD5: 6560cbdfe24b3469dcb551d8963efdfa *auth-pam.patch
Daniel Johnson
progman2...@usa.net
-BEGIN PGP SIGNATURE-
Version: Gnu
xes.
Having both servers go down (nearly) simultaneously is distressing
when I'm basically ready for full deployment.
One (possibly) odd thing about my configuration is using the
auth-pam plugin and Samba to authenticate against our MS Active
Directory domain. I can post complete config infor
12 matches
Mail list logo
