Block Users in OpenVPN



  • I set up an OpenVPN server, a CA to handle the certificates, and a server and user certificate to use with it.  I created a user for openvpn access using that certificate, and it can access the openvpn server without issue, exactly as expected.

    But, the built in System Administrator user admin (which doesn't even have a certificate by default that I can see) can ALSO access the open vpn, and I want to block that.

    I read a few forum posts, and tried adding a certificate to the admin user, and then created a certificate revocation list with that certificate and set that revocation list in the OpenVPN settings, but the admin user can still access the openvpn system.  How can I block the admin user, or other users, from being able to log into the openvpn server?



  • Check "Strict User-CN Matching".



  • That was it, thank you!