Preventing IP Spoofing TUN Server.
Posted: Mon Aug 03, 2015 7:51 am
Hi everyone,
I am new to OpenVpn so I have a question regarding IP spoofing and authentication. I have an OpenVpn server (UDP TUN) with many untrusted clients which do not and should not communicate with each other. My main goal is to prevent IP spoofing. Is there any script I can use for that?
One way I was thinking it could prevent IP Spoofing is to have a list of the IP addresses and of the certificates installed in each client, and OpenVpn or some custom script checks for each incoming packet in the server if the source IP address matches the client certificate. I was reading that there are some scripts with tls-verify that authenticate the clients when they connect but I don't know if I can authenticate each incoming packet. Am I missing something? Or is there any simpler solution?
Thank you for your attention and sorry if I am posting in the wrong board.
I am new to OpenVpn so I have a question regarding IP spoofing and authentication. I have an OpenVpn server (UDP TUN) with many untrusted clients which do not and should not communicate with each other. My main goal is to prevent IP spoofing. Is there any script I can use for that?
One way I was thinking it could prevent IP Spoofing is to have a list of the IP addresses and of the certificates installed in each client, and OpenVpn or some custom script checks for each incoming packet in the server if the source IP address matches the client certificate. I was reading that there are some scripts with tls-verify that authenticate the clients when they connect but I don't know if I can authenticate each incoming packet. Am I missing something? Or is there any simpler solution?
Thank you for your attention and sorry if I am posting in the wrong board.