I am new to OpenVPN and would like to make a couple of points.
- Point one. This product rocks! From what I see this can serve a a complete replacement for Cisco's Anyconnect solution.
Point two. The client side needs work (at least for the version I am running but we will get to that further on)
Hopefully some of you can help me out with answers for the questions below.
1) Version Numbers - In particular, I downloaded the VMWare Appliance for the Access Server and upgraded it to 1.8.3. On the download pages I see references to versions 2.2.2 as the latest stable version. How is the 1.8.3 version related to the 2.2.2 version.
I also see that there is a OpenVPN 2.3-alpha1 version that has a new GUI. I am guessing that this is a client side GUI but I don't know for sure. Can someone clarify that for me?
2) Support for CIDR notation. In particular I wanted to segment a /24 (254 addresses) into several /27 (30 addresses). Unfortunately, my test is not working the way i would expect. Testing setup is as follows.
VPN Settings:
- Dynamic IP Address Network: 10.20.254.0/27
Routing: Yes, using routing (advanced)
- VPN IP Addresses (Subnets assigned to this group): 10.20.254.128/27
Dynamic subnet ranges for this group (optional): 10.20.254.129:10.20.254.132
10.20.254.129/None is not contained within group subnets
Any help on this would be useful.
3) User Management and Radius.
- a. Is there a way to use the radius protocol to return the settings for a user. Since the Radius users do not show up in the User Permissions I do not see way to assign them to a group or control the subnets they have access to.
b. Related to that is there a way to block a user
c. Also it would be nice to be able to terminate a user's session without blocking him.
Scott