Limit+ admin access to only specified addresses/listeners
Posted: Mon Jun 23, 2014 11:51 am
Hello,
Thank you for your project and for your effort. I really like it.
Currently, VPN admin can only be authenticated to the management interface by a password, even if user authentication is done via PKI Certificates. It leaves a dictionary attack and password brute-force on a VPN server a possibility.
If it would be possible to restrict admin access to local host/subnet, it would rule out dictionaty/brute-force attack from Internet completely for PKI authentication.
Please, consider this restrictions on addresses and/or ports.
Thank you
Thank you for your project and for your effort. I really like it.
Currently, VPN admin can only be authenticated to the management interface by a password, even if user authentication is done via PKI Certificates. It leaves a dictionary attack and password brute-force on a VPN server a possibility.
If it would be possible to restrict admin access to local host/subnet, it would rule out dictionaty/brute-force attack from Internet completely for PKI authentication.
Please, consider this restrictions on addresses and/or ports.
Thank you