> We're building a partly messhed VPN-network, as we are going to
> implement out internal telephony as a VoIP-solution.
> - our internal calls has to go thru the VPN's and the rest directly to
> our external VoIP provider.
I would be very interested to hear how this works out for you - I am looking
at implementing a similar setup for some of my customers and would like to
get a feeling for performance issues.
> Isn't there a way to refuse certain certificates access without
> recreating all certificates?
Yes - through a revocation list.
I am working on this feature for inclusion in a future beta, as well as
per-client configuration based on client certificates. This will not be out
for the next beta as the priority is currently focused on re-integration of
the OpenVPN package without relying on (messing up) the optional interfaces
You will need to publish a CRL with the revoked certs on and then import into
the system via the webGUI.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.