Multiple users on VPN
Posted: Wed Dec 10, 2008 10:09 am
I've ran into a problem when wanting to connect multiple users on the default VPN setup. The problem seems to be that when you setup your client machine using the information provided in the Wiki every client connects using the same client certificate. I assume then when you connect to the VPN it see's each client as the same machine then issuing them each the same IP address, obviously this is a problem. I believe that the user name and password authentication is happening via Samba, but the authentication with the OpenVPN server is happening using the certificate thus the VPN server itself thinks that the same user is connecting.
My quick fix for this has been stopping the OpenVPN service then starting it with the switch --client-cert-not-required. After doing so each client that connects is then giving a unique IP address instead of the same. Obviously you may see where not requiring a certificate to connect is a security problem.
So my question is, has anybody else had this trouble? If so what was your solution? Or do you know how to go about generating separate client certificates?
My quick fix for this has been stopping the OpenVPN service then starting it with the switch --client-cert-not-required. After doing so each client that connects is then giving a unique IP address instead of the same. Obviously you may see where not requiring a certificate to connect is a security problem.
So my question is, has anybody else had this trouble? If so what was your solution? Or do you know how to go about generating separate client certificates?