On Wed, 6 Oct 2004 satind...@in.safenet-inc.com wrote: > Hi, > I am implementing client-server openvpn with following additional > requirement: > Client-server should share a secret session-id provided by me while starting > client and server. I dont want to keep this session-id in a file on client > machine. Preferrable client will be started from an applet. This applet will > give the session-id to openvpn instance. This session-id will be sent in > each request from client to server. This session-id will be used to find out > whether this is legitimate client instance or not. It will also be used to > check the client'access policy for particular service. Its a kind of > firewall with specific permissions for each client for accessing servers.
OpenVPN already has a session ID. See session_id.c. As far as checking access policies, there are already several ways of doing this. In particular, see --client-connect and --learn-address. James