On Wed, 2015-02-11 at 11:04 +0100, Nikos Mavrogiannopoulos wrote: > > > Does it really have to be two IPs per connection? Can't you just assign > > *yourself* a single IP at startup, and use that as the local address? > > That's what I'm proposing. To take the first address from the > configured network and assign it as our address for tun purposes. > Indeed there could be someone somewhere using it, but in the end we > need an address to use. Well, the difference is that you said 'take' and I said 'assign'. I meant that you'd actually get one *given* to you by the RADIUS server. If you just *steal* an IP address which is assigned to another host on the network, then your clients cannot communicate with the *real* owner of that IP address. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150211/c945f285/attachment.bin>
