| 24 | | * From http://openvpn.net/index.php/open-source/faq.html#bridge1 : "Another bridge disadvantage should be that layer2 is insecure by design, opening your layer2 exposes to arp poisoning and the like. Make sure to only bridge TAP interfaces with private ethernet interfaces which are protected behind a firewall. Never bridge a TAP interface with the same ethernet interface you use to connect to the internet, as that would create a potential security hole." |
| 25 | | * Question (from krzee): does that mean users should have 2 NICs in a bridge server...? And if im not mistaken i remember that sample-scripts/bridge-start needs a line at the bottom to readd the gateway |
| | 24 | * From http://openvpn.net/index.php/open-source/faq.html#bridge1 : "Another bridge disadvantage should be that layer2 is insecure by design, opening your layer2 exposes to arp poisoning and the like." |
