userdoc:openvpn_access

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
userdoc:openvpn_access [2016/02/22 06:20]
droemel
userdoc:openvpn_access [2017/08/10 03:41]
droemel
Line 15: Line 15:
     * or create another iptables rule: "''iptables -A INT_INPUT_CHAIN -s 10.8.2.0/24 -j DROP''" for each subnet     * or create another iptables rule: "''iptables -A INT_INPUT_CHAIN -s 10.8.2.0/24 -j DROP''" for each subnet
   * The easy way is to push the internal LAN route in the OpenVPN server config (//push route 192.168.3.0.255.255.255.0 in this case//).   * The easy way is to push the internal LAN route in the OpenVPN server config (//push route 192.168.3.0.255.255.255.0 in this case//).
-  * The more secure way is NOT to push the route in the OpenVPN server config, but instead push only the relevant allowed destinations in the OpenVPN ccd/client file like "''push route 192.168.3.200''", but in this case the "Employees Class" from the example wouldn't work, cause there is no file to include the routing.+  * The more secure way is NOT to push the route in the OpenVPN server config, but instead push only the relevant allowed destinations in the OpenVPN ccd/client file like "''push "route 192.168.3.200"''", but in this case the "Employees Class" from the example wouldn't work, cause there is no file to include the routing.
  
 === Examples === === Examples ===
  • userdoc/openvpn_access.txt
  • Last modified: 2017/08/10 03:43
  • by droemel