Re: [Openvpn-devel] Re: Openvpn future: probably certificate problems...

2005-01-15 Thread Julien TOUCHE
Leonard Isham wrote: What about a dual account/ID user situation? Where one user is a normal user with all the restrictions and the other has administrator rights. The first is used to login the second, administrator equivalent is for storing the certificate and running the service. go

[Openvpn-devel] feature request

2004-08-22 Thread Julien TOUCHE
is there any plan to have the following functions (mainly for windows, but other os could): - on server request, block all traffic except vpn (by route, firewall, or else ?) - on connection, execute some programs on clients: maybe with integrity check (md5+sha1+rmd160). example: launch ant

Re: [Openvpn-devel] openvpn 1.x: route on darwin

2004-05-15 Thread Julien TOUCHE
Denis Vlasenko wrote: On Friday 14 May 2004 21:05, James Yonan wrote: Right now all new patches are going into 2.0, but I'm certainly amenable to merging localized patches such as the route patch for darwin into 1.x. I will add to the todo list for 1.6.1. Hmm. On Unixlike systems it typical

[Openvpn-devel] openvpn 1.x: route on darwin

2004-05-14 Thread Julien TOUCHE
is there any plan to include route patch for darwin in 1.x ? http://cvs.sourceforge.net/viewcvs.py/openvpn/openvpn/route.c?r1=1.2.2.4&r2=1.2.2.5 thanks Regards Julien Touche

Re: [Openvpn-devel] 2.0: public linux <- nat -> private win2k

2004-05-11 Thread Julien TOUCHE
James Yonan wrote: That's just the --verb 5 debugging mode that shows packet flows through OpenVPN. Try using --verb 4 or lower to suppress that output. ok i've missed the changelog, thanks the pull options seems also to not work or is it only for "mode server" as i'm using "proto tcp-ser

[Openvpn-devel] 2.0: public linux <- nat -> private win2k

2004-05-11 Thread Julien TOUCHE
tions seems also to not work or is it only for "mode server" as i'm using "proto tcp-server" (in this setup, udp returns udp port X unreachable) and shared secret for now ? Regards Julien Touche

Re: [Openvpn-devel] --redirect-gateway

2004-02-08 Thread Julien TOUCHE
you could fetch the default route. this is not exactly trivial, but not too hard either - in usr.sbin/bgpd/kroute.c, fetchtable() has the code to do that. might be an inspiration. no, it's not trivial ;-) -- http://2suck.net/hhwl.

[no subject]

2004-01-17 Thread julien . touche

[no subject]

2004-01-16 Thread julien . touche

[Openvpn-devel] No buffer space available (code=105)

2004-01-12 Thread Julien TOUCHE
Recently, i got the following error with openvpn 1.5 Sun Jan 11 21:29:40 2004 554: write UDPv4 []: No buffer space available (code=105) Sun Jan 11 21:29:40 2004 555: write UDPv4 []: No buffer space available (code=105) Sun Jan 11 21:29:42 2004 556: 352 variation(s) on previous 3 message(s) sup

Re: [Openvpn-devel] TCP server bug

2003-11-20 Thread Julien TOUCHE
Ian D. Bjorhovde wrote: I do not run into this issue if I use the UDP client. this, IS strange ... If I change the permissions of the key file (i.e. mode 666), I don't get an error (rather a warning about open permissions on the key file), but then I get the same permission denied error when

[Openvpn-devel] [Fwd: [Ntop] Unknown DLT types]

2003-11-07 Thread Julien TOUCHE
i'm testing ntop2 (2.2.95 to be precise on linux) to monitor some openvpn tunnel. one question arises: how could ntop get Headersize/mtu/maybe others from openvpn/proc/else ? Thanks & Regards Julien Original Message Subject: [Ntop] Unknown DLT types (was a use

[Openvpn-devel] tcp vpn

2003-10-26 Thread Julien TOUCHE
Hello i've setup a vpn between linux 2.4 <-> winxp (1.5b12 both) tcp-server - tcp-client works well but it seems that when the client stops, the server died Sun Oct 26 18:53:50 2003 0: OpenVPN 1.5_beta12 i586-pc-linux-gnu [SSL] [LZO] built on Oct 14 2003 Sun Oct 26 18:53:50 2003 1: Static Encr

Re: [Openvpn-devel] comments on beta12

2003-10-14 Thread julien Touche
James Yonan wrote: Right, but I don't think this behavior has changed since 1.4.x? You need to sorry, i was thinking all unix could call "dev tun" or "dev tap". not a real pb. > Not sure about that -- it would be handled by the tun driver on OpenBSD. OpenVPN never sees the packet when the

[Openvpn-devel] comments on beta12

2003-10-14 Thread julien Touche
test between debian linux 2.4.21 <-> openbsd 3.4, beta12 on the 2 sides works well one comment for openbsd, "dev tun" doesn't work: Tue Oct 14 12:14:14 2003 6: /sbin/ifconfig tun delete ifconfig: SIOCGIFFLAGS: Device not configured Tue Oct 14 12:14:14 2003 7: NOTE: Tried to delete pre-existing

Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X

2003-10-13 Thread julien Touche
James Yonan wrote: If you are asking if OpenVPN works with NAT, the answer is yes. not really, would be more: does it work with one host having a remote public vpn server and the server treating with anyone having pass/cert without knowing its ip and not being able to join host ? setup lik

Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X

2003-10-11 Thread julien Touche
julien Touche wrote: one extra could be: for a client side hidden behind a gateway (so no public ip) could contact and establish a vpn with a public box. would it be possible without any relay on the client gateway ? finally, what about this question ? do you think it is possible ? thanks

[Openvpn-devel] test win2k (1.5b9) <-> linux 2.4 (1.3)

2003-10-02 Thread julien Touche
i have tested the above conf today (with tap), but have two problems: * first, win2k host can ping local & remote host, but linux one can only ping itself. a tcpdump on linux: 20:08:02.865325 arp who-has 10.0.2.2 tell 10.0.2.1 20:08:03.863142 arp who-has 10.0.2.2 tell 10.0.2.1 20:08:04.863141 arp w

Re: [Openvpn-devel] New feature: --ifconfig for tap devices

2003-09-07 Thread julien Touche
James Yonan wrote: What I need right now in order to make the TAP version of --ifconfig work correctly, is the correct ifconfig command syntax for setting the IP address and netmask of a TAP device, on all the OSes which OpenVPN supports. I've already coded templates for Linux and Windows, but

Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X

2003-09-07 Thread julien Touche
James Yonan wrote: I'm thinking about something like this in a more generalized context, where OpenVPN running as a server would actually generate the config file for the client, and send it to the client via SSL after an initial authentication handshake. This would simplify the configuration

Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X

2003-08-29 Thread julien Touche
works well with openbsd 3.4-beta question regarding windows openvpn (thanks a lot for this :), is it possible to have some script executed (like add a route for the other side subnet) ? Regards Julien

Re: [Openvpn-devel] Need 1.5 beta testers for *BSD, Linux 2.2, OS X

2003-08-19 Thread julien Touche
James Yonan wrote: If anyone out there is running 1.5-beta5 or later on OpenBSD, FreeBSD, NetBSD, Mac OS X, or Linux 2.2, please let me know. i tested it today in the following conf: linux 2.4 (openvpn 1.3) <-> openbsd 3.2-stable (beta): ping OK linux 2.4 (1.3 or beta) <-> windows2k (beta):

[Openvpn-devel] some questions

2003-01-10 Thread julien Touche
Hi first greetings for openvpn which is a best of for easy VPN :) i have a small list of questions i can't answer myself: - at which stage is the win32 port ? always looking for tun driver ? i give a glimpse to cipe driver which seems "simple unix2win" NDIS driver but 1-cannot compile (need ndi