[CentOS] Ideas for stopping ssh brute force attacks

John R Pierce pierce at hogranch.com
Tue Jul 22 02:18:42 UTC 2008

Bo Lynch wrote:
> we have been looking at implementing OpenVPN to allow access to the
> internal LAN. For a firewall, we basically have iptables with 2 nics doing
> NAT. So would the OpenVPN server live inside of our private network and
> just do some forwards with iptables on the firewall or would it be better
> to implement it with by itself with 2 nics one on the public and one on
> the private?

openvpn uses a simple TCP socket for its transport, so sure, port 
forwarding would work fine.    or running it ON your firewall server, if 
thats something which openvpn can run on (pfsense, any linux firewall, etc).

More information about the CentOS mailing list