Same Users/Multiple-Certs Question



  • Did some searching, but didn't see this specific problem already addressed.

    I am new to OpenVPN, but followed the guides and it works, except if I try to log in as the same user with a different cert because I get the same virtual IP address on both clients. As you would expect, that makes routing not exactly work. If I disconnect one of the clients, the other starts working since the routing conflict has been resolved. I can log multiple different users in with no problem. The certs and real IPs are different (e.g. phone over cell network and PC over house network, and I'm not using any microcell or anything), so the only thing I'm reusing is the username/password. Concurrent connections is >=2 and besides, connecting works just fine…once I connect, routing not so much. ;)

    Is it possible to do what I want? I.e. one user account, multiple certs (e.g. PC-Cert, Phone-Cert, etc.), and get a different virtual IP when multiple are logged in. Thanks.

    Edit: Forgot to mention that the tunnel network is a /24 and correctly gives out different virtual IPs if the username/account is different.



  • Do you even need to use usernames then? Why not rely just on the certificates? You can change the OpenVPN type to be JUST SSL/TLS instead of that + User Auth. That's how I have my VPN set up as really I am the only one who uses it but I have different certs for different clients, and it works well for me.



  • @extide:

    Do you even need to use usernames then? Why not rely just on the certificates? You can change the OpenVPN type to be JUST SSL/TLS instead of that + User Auth. That's how I have my VPN set up as really I am the only one who uses it but I have different certs for different clients, and it works well for me.

    I could do that, but I want two factor authentication.



  • Put up your OpenVPN server config.

