On Tue, Apr 8, 2014 at 10:09 AM, Ryan Coleman <ryanjcole at me.com> wrote:

> So... yeah. I put my stuff on a non-performing port anyway. That should keep
> it "ok" for a little bit.


>From what I can tell, OpenVPN is the big issue here, correct? Or I suppose,
if you have your web GUI exposed publicly, which is foolish.

Anyway, I imagine if you were using certifiate auth only for OpenVPN you'd
be hosed. I have xauth enabled, though, so it requires client cert +
username/password, which I'm assuming gives me a bit of extra insulation
from heartbleed.

It will be interesting to hear pfsense's response to this. I haven't seen
anything from them yet.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20140408/ac5ef3d8/attachment.html>