Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN - Corporate Devices Only

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 432 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jacklloyd
      last edited by

      Hi

      I think I know the answer to this, but I just want to see if it's right/or see if anyone else is doing anything different to achieve the same thing!

      At the minute we're using OpenVPN with username and password. We're upgrading this to Username, Password & OTP with Okta (via RADIUS). The bit i'd like advice on though is the locking it down to corporate devices only.

      My thinking is that i just use the domain root CA and import that into PFSENSE as opposed to generating a root CA using the OpenVPN wizard, that way only my domain endpoint would have the CA to let it connect

      Is that how others are doing it or does anyone have any other cooler suggestions? Note, we're not looking to implement per user certificates.

      Best

      J

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.