Best practices to manage many OpenVPN connections/certificates



  • Hello all,
    This is not much of an issue, but more of a clarification how to do things properly or how others doing something similar.
    I have an environment where I need to allow multiple people accessing HQ network to use various server. We currently have 2 locations with site-to-site OpenVPN functioning just fine. My dilemma is how can I allow many users (117) accessing the site #1 in a way that I dont lose my mind managing 117 different certificates? I know I can create 1 vpn instance with duplicate connection enabled which will allow multiple users using the same certificates and connections. But is that the best possible way?
    What if this scenario goes up to 500 users?

    I hope my question makes sense to offer best practices from the pfSense community.


Log in to reply