On Mon, 2015-02-09 at 17:25 +0100, Nikos Mavrogiannopoulos wrote: > > Correct. That still does leave the problem of what to put there. Maybe > it would make sense to restrict all explicit IPs to only even values, > and use the odd value as the local one. That at least would prevent > major surprises. You only need *one* internal IP address, and you can use that as the local IP address on all the tunnels. Perhaps you could use the external IP address of the server, but maybe it's best to use something that the clients can route to *through* the VPN. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150209/bd0448d1/attachment-0001.bin>
