Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN client specific overrides - cn/username problem

    2.1 Snapshot Feedback and Problems - RETIRED
    2
    3
    1746
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mvrk last edited by

      Hi,

      Can someone explain why username-as-common-name is used?

      I've got two client specific overrides for my username mvrk, mvrk_home and mvrk_phone.

      On my linux openvpn service, i don't have the option username-as-common-name and i can login with username mvrk without problems using certificate mvrk_home or mvrk_phone.

      I'm moving my openvpn server to pfsense but after i login with mvrk it fails to push the client specific overrides because theres is no ccd mvrk.

      Is there any way to remove the option username-as-common-name?

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        We use it because in cases when there are no certificates, it's needed to make sure overrides work.

        And usually people want that effect, since sometimes people have setups that share certs but use different usernames (not my ideal preference, but I've seen people do it e.g. with shared laptops)

        There isn't a way to disable it currently, but it could maybe happen in a future version.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          mvrk last edited by

          Ok, would be great to have that in the future.

          In my case i use different certificates but same username (ldap user) but i want to give different options for each connection, for example: home pc - one IP / latop - other IP and different routes, etc…

          1 Reply Last reply Reply Quote 0
          • First post
            Last post