[EMAIL PROTECTED] wrote on 29.11.2004 00:46:53: > [EMAIL PROTECTED] writes: > > > It seems to work ! I have not found any mistake. > > cool > > > A few comments: > > > > 1. I would recommend to add parameter for the name of local certificate. > > Now I need different certificate for every server type entry. > > I'm not sure I understand. The local name is used exactly for that. If > localname is linuxbox then : > - two files are created /etc/openvpn/tls-linuxbox.conf and > /etc/openvpn/linuxbox.up > - this is not all because the above name will also be used for the local > certificate. So, in this case this will assume that the local certificates > are linuxbox.crt and linuxbox.key >
Example what I mean: I need three simultaneous tunnels for road warriors. For that three diffrent ports are necessary, so I have to add three server type entries. I cann't use one certificate "office.crt" for all of them. I need create "office1.crt", "office2.crt" and "office3.crt". IMHO it is useless, but of course possible. > > 2. Option for use tap instead of tun device. > > this is ok now > > > 3. To be able to add tun or tap device to the bridge interface (to > > configure openvpn bridging). > > I will have a look at this. > > > 4. In openvpn entry to add field for any optional parameters (they will be > > appended to created .conf file). > > The architecture is quite limited here. You have found nice solution. > tap0, tap1, tap2 and tap+ are now avaliable. If you use 4 tunnels ... with > special zones for each if them ... well this is not possible with this > interface. tap+ and tun+ is used for all tap0,1,2,3 ... > > > 5. In zones interfaces configuration to allow use any used tap or tun > > device (not only tap0, tap1 and tun0). > > this should be ok now .. > tap+ and tun+ is ok, by me > new packages are available now. You could specify "Remote VPN Point" info on the help page. There have to be remote netmask, not IP for the tap device. Really nice work ! And prompt, thank you. Bye, bye Jaro > > thank you, > -- > Florin http://www.mandrakesoft.com > http://people.mandrakesoft.com/~florin/ > > ____________________________________________________ > Want to buy your Pack or Services from MandrakeSoft? > Go to http://www.mandrakestore.com > Join the Club : http://www.mandrakeclub.com > ____________________________________________________
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
