<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Apr 8, 2014 at 10:09 AM, Ryan Coleman <span dir="ltr"><<a href="mailto:ryanjcole@me.com" target="_blank">ryanjcole@me.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">So… yeah. I put my stuff on a non-performing port anyway. That should keep it “ok” for a little bit.</blockquote></div>
<br>From what I can tell, OpenVPN is the big issue here, correct? Or I suppose, if you have your web GUI exposed publicly, which is foolish.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Anyway, I imagine if you were using certifiate auth only for OpenVPN you'd be hosed. I have xauth enabled, though, so it requires client cert + username/password, which I'm assuming gives me a bit of extra insulation from heartbleed.</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">It will be interesting to hear pfsense's response to this. I haven't seen anything from them yet.</div></div>