OpenVPN client computer names
-
Hello,
There are two OpenVPN servers running on my pfSense. One for employees, the other for subcontractors. I know the names of my employees 'computers, but I do not know the names of the subcontractors' computers. Both employees and subcontractors connect to one system working at our client's. Sometimes they use the same user to log in (I cannot create additional users in this system, because it is a client system). If the subcontractor logs in, this system will report that there is already an open session on this user. On this system it shows up with the message that on this user there is already a session open by "username + his computer name". I would like to be able to identify the names of the subcontractors' computers, as that way I can reach the user and ask him to log out. Is this only possible using WINS servers? It is now deprecated.
Sorry for my English.Regards
-
This has nothing to do with pfsense or OpenVPN. However, name resolution is handled by the DNS server these days.
-
@jknott
I tried DNS related settings in the OpenVPN server and DNS Resolver.
My OpenVPN server settings:
DNS Resolver:
In darkstat, I can see the address of the OpenVPN client, but it does not recognize the hostname.
Opinions on forums are diffrent, some say it works via DNS, elsewhere say "NetBIOS enable" must be used. There were also threads that you should use WINS or tap mode instead of tun.
I've tried everything and it doesn't recognize the hostnames of OpenVPN clients (our staff members too, but that's not a problem for me). -
@whiteeagle
Simply allow multiple sessions for a single user on the destination system if possible.Also you should enable an automatic log-off when the session is idle for a certain peroid of time.
-
@viragomann
No, it is not possible. As I wrote, these are our clients' servers. I dont administer them. -
@whiteeagle
So you will have to request the responsible admin to do this.Can't think of any you can do on the OpenVPN server, since the clients use equal user accounts on the terminal server.
-
@viragomann said in OpenVPN client computer names:
So you will have to request the responsible admin to do this.
Can't think of any you can do on the OpenVPN server, since the clients use equal user accounts on the terminal server.Maybe you got me wrong. Both our employees and subcontractors have their own individual OpenVPN accounts. However, they have one user account for the customer's system (another company). We connect to this client's network (another company) through the IPsec tunnel. When our employee tries to log into this system and the subcontractor is already logged in, a message appears that this user is already logged in to the computer (and the computer name appears here). If I could link an OpenVPN account with an unknown computer name of the subcontractor, I would know who to turn to, e.g. to log out.
Currently, subcontractors get static IP addresses from OpenVPN. So I am able to bind the user - ip account, but I am not able to bind the ip address - computer name.