user (vpn) connectable to a single pc
-
I apologize if the subject has already been dealt with. It seems rather trivial to me but I can't "finish it". I already have the OpenVPN server running on pfSense (2.6.0) and openvpn-client-export 1.6_4 with LDAP authentication.
I need to create a local user (created manually) that connects to only one local IP address set.
Second Server CA created, user created (System -> User Manager -> Users -> ADD) and user certificate at the same time.
In VPN -> OpenVPN -> Client Specific Overrides for that username of the created user I set a specific assigned address (for example 10.0.10.100) indicating the server just created from the Server List.
In the Firewall Rules -> Rules -> OpenVPN I entered the rule that all source traffic 10.0.10.100 has as its destination the static address indicated 192.168.21.100.
Now the biggest problem is that I can't find the user I created in Client Export.
Where did I go wrong?
Has a similar need occurred to you?
Another doubt I have ... is whether to possibly use the wizard for clients.
I don't want to compromise the configuration in use (obviously backup done).
I add again ... the working VPN is on port 1196, for the other "instance" I would use another port 1198.
-
The User Cert's authority needs to match the OpenVPN server Certificate authority.
If you create the User Cert with any other CA, the User will not show up in the Client export for the selected Server.
-Rico
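
A command-line way to check the CA match described in the answer above, as an added example that is not part of the original posts: it builds two throwaway CAs and user certificates with openssl, then tests whether each certificate chains to the server's CA. All file names, CNs and helper functions are constructed for illustration; with real data, `issued_by` would be run on exported certificate files.

```shell
#!/bin/sh
# Constructed demo: every key and certificate here is generated locally and
# thrown away. Names such as server-ca and vpnuser are assumptions, not pfSense paths.

make_ca() {     # make_ca <name>: self-signed CA -> <name>.key / <name>.crt
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

issue_cert() {  # issue_cert <user> <ca-name>: user cert signed by that CA
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
        -keyout "$1.key" -out "$1.csr" 2>/dev/null &&
    openssl x509 -req -in "$1.csr" -CA "$2.crt" -CAkey "$2.key" \
        -CAcreateserial -days 1 -out "$1.crt" 2>/dev/null
}

issued_by() {   # issued_by <cert> <ca-cert>: exit 0 only if cert chains to that CA
    openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

report() {      # report <cert> <ca-cert>: print issuer and the match result
    openssl x509 -noout -issuer -in "$1"
    if issued_by "$1" "$2"; then
        echo "$1: signed by $2, matches the server CA"
    else
        echo "$1: NOT signed by $2, CA mismatch"
    fi
}

demo() (        # runs in a subshell so the caller's working directory is untouched
    cd "$(mktemp -d)" || exit 1
    make_ca server-ca                 # CA the OpenVPN server instance uses
    make_ca second-ca                 # separately created CA, as in the question
    issue_cert vpnuser second-ca      # user cert issued from the second CA
    issue_cert vpnuser2 server-ca     # user cert issued from the server's CA
    report vpnuser.crt server-ca.crt
    report vpnuser2.crt server-ca.crt
)

demo
```

`openssl verify` checks the signature chain, so two CAs that merely share a name still count as a mismatch.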
-
@freemaui-0 You don't need a new CA for a new user, just the new user certificate.
-
Unfortunately I realized that some evidence too much has generated (automatically) some "uncontrolled" rule ... I leave somewhere and try to do the rounds more correctly.