Atomicorp

Security for Everyone
https://forums.atomicorp.com/

Plesk VPN / OpenVPN and ASL

https://forums.atomicorp.com/viewtopic.php?t=3912

Page 1 of 1

Plesk VPN / OpenVPN and ASL

Posted: Mon Mar 01, 2010 1:07 pm
by breun
A client wishes to only allow access to its webserver via VPN connections. Plesk offers a VPN module based on OpenVPN. I can't seem to find any documentation for the current version of the Plesk VPN module for Plesk 9, but according to the manual for an old version of this module (Plesk 7.5):
(...) one server cannot be involved in simultaneous communication with two or more remote hosts.
I have a couple of questions:

* Does anyone know if the single host limitation is a limitation of Plesk's implementation?
* Is this limitation still present in Plesk 9? Or is this an OpenVPN limitation?
* Is the VPN module supported on the ASL kernel? I believe it needs some kernel module(s).

Re: Plesk VPN / OpenVPN and ASL

Posted: Mon Mar 01, 2010 3:37 pm
by scott
Yes we support openvpn, we also use it extensively ourselves. You can use it to do all the things you're talking about here, the plesk front end for it just isnt designed to handle it. You could for example have a multiple user VPN where the users could connect to the server, but not see each other. Or you could set it up so they could see each other, or even only specific users could see each other and the others would only see the server.

Re: Plesk VPN / OpenVPN and ASL

Posted: Mon Mar 01, 2010 5:56 pm
by faris
In my opinion, forget the Plesk OpenVPN totally, and install it from source (or rpm) from scratch.

The key thing is really the configuration. Once you have that sorted for the server and one PC then you can pretty much sprint to the finish line with a million more PCs (or networks).

It takes a little while to get to grips with the config side of things - especially if you use certificates rather than passwords (and certificates are the only way to go really), but there is plenty of documentation including step by step howtos.

A key thing to remember: The firewall on your server may block data coming in on the VPN. So if things don't seem to wotk even though you have an active tunnel and can ping things then look at the firewall. If you use TUN then you'll have a tun0 device which you can firewall independantly of eth0.

Faris.

Re: Plesk VPN / OpenVPN and ASL

Posted: Mon Mar 01, 2010 6:04 pm
by breun
I guess we'll go without the Plesk VPN module then and I'll go read up on configuring OpenVPN. Thanks, guys.
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited