Hi, On Mon, Jan 19, 2015 at 09:46:54AM +0100, Stephan Alz wrote: > I'm curious about this as well. Doesn't the openvpn server has a built in > security mechanism to > protect against unwanted ip change from CCD clients?
Very much so - it will just ignore packets a client sends using different
source IPs.
> When I try to redo the commands manually and set the ip to 192.168.77.2 to
> endpoint 192.168.77.1
> everything works flawlessly, the routing table looks OK (like it would be
> with a config which assigns the .2 ip),
The server can not stop a client from doing things on the client side
(how should it?), but it will just plainly ignore your packets now...
> but no packets go through the interface anymore.
...mission accomplished :-)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
pgpV_s226Kt2O.pgp
Description: PGP signature
------------------------------------------------------------------------------ New Year. New Location. New Benefits. New Data Center in Ashburn, VA. GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth. Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/sfu/gigenet
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
