#154 closed Bug / Defect (invalid)
No client-to-client in server config, but also can ping other client which logined vpn
Reported by: | amao | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | release 2.2.2 |
Component: | Networking | Version: | OpenVPN 2.2.0 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | client-to-client |
Cc: |
Description
Operating system :CentOS release 5.6 (Final)
Your ./configure command-line :./configure
[root@localhost openvpn]# openvpn --version
OpenVPN 2.2.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [eurephia] built on Aug 12 2011
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@…>
$ ./configure
Compile time defines: ENABLE_CLIENT_SERVER ENABLE_DEBUG ENABLE_EUREPHIA ENABLE_FRAGMENT ENABLE_HTTP_PROXY ENABLE_MANAGEMENT ENABLE_MULTIHOME ENABLE_PORT_SHARE ENABLE_SOCKS USE_CRYPTO USE_LIBDL USE_LZO USE_SSL
When I login openvpn server (don't have client-to-client directive ) ,get ip: 10.9.0.156
Other people login this openvpn server ,get ip:10.9.0.102
On my computer ,
C:\Documents and Settings\USER>ipconfig
IP Address. . . . . . . . . . . . : 10.9.0.156
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.9.0.1
C:\Documents and Settings\USER>ping 10.9.0.102
Pinging 10.9.0.102 with 32 bytes of data:
Reply from 10.9.0.102: bytes=32 time=941ms TTL=127
Reply from 10.9.0.102: bytes=32 time=912ms TTL=127
Reply from 10.9.0.102: bytes=32 time=639ms TTL=127
Reply from 10.9.0.102: bytes=32 time=1478ms TTL=127
Ping statistics for 10.9.0.102:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 639ms, Maximum = 1478ms, Average = 992ms
Change History (6)
comment:1 Changed 14 years ago by
comment:2 Changed 14 years ago by
Milestone: | release 2.2.1 → release 2.2.2 |
---|
Moving to milestone 2.2.2
comment:3 Changed 13 years ago by
Component: | Generic / unclassified → Networking |
---|
Can you please provide server and client configuration for this setup? We need to try to reproduce this issue to see if this is expected or not. As in some configurations, this is expected behaviour.
comment:4 Changed 13 years ago by
not having client-to-client means "packets travel to the tun adaptor of the openvpn server, and then back to openvpn". So to actually stop packets from client A to reach client B, there needs to be a firewall filter on the server side tun adaptor.
comment:5 Changed 13 years ago by
Resolution: | → invalid |
---|---|
Status: | new → closed |
In IrcMeetings IRC meeting on 8th Dec 2011 agreed that this is not a bug, but a configuration mistake. Closing as "invalid".
comment:6 Changed 11 years ago by
Using --dev tap and removing --client-to-client will stop all intra-client traffic.
the client system is: windows xp
openvpn server include: topology subnet