[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] enforcing a route over VPN



Hello,

Am Sonntag, 5. Januar 2014 schrieb Rainer Sokoll:
> Am 2014-01-05 21:03, schrieb Christian Boltz:
> > I have a VPN connection to my mail server, and would like to enforce
> > that mails can be fetched only over the VPN connection.
> 
> What kind of VPN? IPSEC? PPTP (ouch)? OpenVPN?
> For the latter, see redirect_gateway.

openVPN. 

redirect_gateway is useful to let the client set the default route if 
needed (easier to handle than doing it on the server if you want it only 
for some clients).

However redirect_gateway only helps when the VPN connection is up.

I'd like to have something that blocks the traffic to 10.7.0.1 when the 
VPN connection is _down_. 
Call it a static route for 10.7.0.1 to /dev/null ;-)


Regards,

Christian Boltz
-- 
Die Software soll die Menschen im Netz formen? Da kommen dann Netz-
junkies raus, die am Fruehstueckstisch "ftp brotkorb" rufen, und erst
nach einem "server ready" eines verstaendnisvollen Tischnachbarn sich zu
einem lauten und vernehmlichen "get broetchen" hinreissen lassen. :-)
[aus dcoulm]

-- 
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx