User and certificate match not enforced ?

  • Pfsense 2.3.4

    I'm doing some tests to solve a problem described here.
    I needed two vpn user and two certificates for two different vpn client user.
    OpenVpn server mode is: Remote Access ( SSL/TLS + User Auth ), which should stay for check both user and certificate.

    I installed the windows Vpn client for user 1 on a workstation and added the configuration for user 2 in the right folder.
    Now OpenVpn client let me choose the configuration to use to connect.
    User 1 configuration uses User 1 certificates
    User 2 configuration uses User 2 certificates

    I was very surprised I can create the vpn with User 1 certificates and User 2 credentials and any other combination. Is it a bug ?
    To put in other words the vpn is created if credentials are valid and certificate is valid, but there is no check they match.


  • LAYER 8 Netgate

    Is this checked on the server?

    ![Screen Shot 2017-07-13 at 1.12.26 AM.png](/public/imported_attachments/1/Screen Shot 2017-07-13 at 1.12.26 AM.png)
    ![Screen Shot 2017-07-13 at 1.12.26 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-07-13 at 1.12.26 AM.png_thumb)

  • No, it wasn't.
    It solves my issues, many thanks.

    Anyway I'm facing great difficulties with vpn due to lack of documentation, guides and examples.
    Is there something like "Vpn for dummies" with tips and tricks ?

  • LAYER 8 Netgate

    The pfSense Book is now available for just $24.70!


Log in to reply