On 3/18/2020 10:05 AM, Witold Tosta wrote:
> W dniu 2020.03.18 o 17:49, Matt Darfeuille pisze:
>>
>> It would be good if you could try it and if it works for you and
>> report back if you have issue(s).
>>
>>
> The solution suggested by Bob regarding the tls-auth OpenVPN option
> fully solves the
W dniu 2020.03.18 o 17:49, Matt Darfeuille pisze:
It would be good if you could try it and if it works for you and
report back if you have issue(s).
The solution suggested by Bob regarding the tls-auth OpenVPN option
fully solves the problem of security of authorization of incoming
W dniu 2020.03.18 o 17:39, Robert K Coffman Jr. -Info From Data Corp. pisze:
Not an answer to your question, but a suggestion.
Use tls-auth in your OpenVPN configuration.
https://openvpn.net/community-resources/hardening-openvpn-security/
Any packet not signed will just get dropped. Seems a
On 3/18/2020 5:23 PM, Witold Tosta wrote:
Is it possible to filter incoming connections using the GeoIP module for
the OpenVPN gateway located on the Linux Shorewall router?
From what I noticed, the entry in the /etc/shorewall/tunnels file:
#TYPE ZONE GATEWAY
Not an answer to your question, but a suggestion.
Use tls-auth in your OpenVPN configuration.
https://openvpn.net/community-resources/hardening-openvpn-security/
Any packet not signed will just get dropped. Seems a lot easier to manage.
- Bob
On 3/18/2020 12:23 PM, Witold Tosta wrote:
Is it
Is it possible to filter incoming connections using the GeoIP module for
the OpenVPN gateway located on the Linux Shorewall router?
From what I noticed, the entry in the /etc/shorewall/tunnels file:
#TYPE ZONE GATEWAY GATEWAY_ZONE
openvpnserver: 1194 net