Hello,
Thank you for your project and for your effort. I really like it.
Currently, the VPN admin can only be authenticated to the management interface by a password, even if user authentication is done via PKI certificates. This leaves a dictionary attack and password brute-force on the VPN server a possibility.
If it were possible to restrict admin access to the local host/subnet, it would rule out dictionary/brute-force attacks from the Internet completely for PKI authentication.
Please consider these restrictions on addresses and/or ports.
Thank you
Limit+ admin access to only specified addresses/listeners