[kwlug-disc] Initiating connections to OpenVPN clients

Paul Nijjar paul_nijjar at yahoo.ca
Sat Jul 2 00:49:51 EDT 2011

On Thu, Jun 30, 2011 at 01:23:45PM -0400, Chris Frey wrote:
> On Thu, Jun 30, 2011 at 12:17:17AM -0400, Paul Nijjar wrote:
> > This adds the following lines to the OpenVPN configuration: 
> > 
> > route;push "route
> >"
> I'm not a pfSense expert... is that semicolon a comment symbol, or
> are those two commands?

Two commands. 
> Just for safety's sake, I'd test to see what other machines I could reach
> on the network, from server B.  If Client C has forwarding
> turned off, then you're probably ok.  Otherwise, you might be exposing
> more than you realize.  And same for machines on reaching
> server B.  If you add a route on Client D to pass all
> traffic to Client C, can Client D get to Server B?

Good thinking. I will do this. I actually don't care a lot whether
network A can see all of the machines on C's network (I would actually
prefer a site to site VPN for this situation), but this is
worth checking. 

- Paul

More information about the kwlug-disc mailing list