[ previous ] [ next ] [ threads ]
 From:  Peter Curran <lists at closeconsultants dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] OpenVPN authentication
 Date:  Fri, 3 Dec 2004 10:54:54 +0000

> We're building a partly messhed VPN-network, as we are going to
> implement out internal telephony as a VoIP-solution.
> - our internal calls has to go thru the VPN's and the rest directly to
> our external VoIP provider.
I would be very interested to hear how this works out for you - I am looking 
at implementing a similar setup for some of my customers and would like to 
get a feeling for performance issues.

> Isn't there a way to refuse certain certificates access without
> recreating all certificates?
Yes - through a revocation list.

I am working on this feature for inclusion in a future beta, as well as 
per-client configuration based on client certificates.  This will not be out 
for the next beta as the priority is currently focused on re-integration of 
the OpenVPN package without relying on (messing up) the optional interfaces 

You will need to publish a CRL with the revoked certs on and then import into 
the system via the webGUI.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.