I'm running OpenVPN-AS, VPN is running on default ports for both TCP & UDP. The machine has one nic. Ports 443 & 1194
Under Server Network Settings -> Service Forwarding both Admin Web Server & Client Web Server are checked. In this setup the client download is available on the public internet. In my eyes this is not very good security. I would only want the client to be downloadable from my internal network. (And having the Admin interface available to the public who would want that?)
So to change this I uncheck both the Admin Web Server & Client Web Server. But doing so prevents any already installed clients from connecting. (Getting a SSL error).
Am I missing something here? I really don't want my Client download and admin page to be available to the public