Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Solved : Two VPN users

    OpenVPN
    3
    5
    1.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      Jamerson
      last edited by

      Dear all,
      i've managed to create two VPN users with Two different Certificates.
      one user is the Admin for the manage and the second one is just to connect nothing more .

      when i tried to export the client 2 ( user) it not allowing me too, i've checked the correct certificate and user, but still can't see the export profile.

      any suggestions ?
      i've attached a screenshot
      VPN.jpg
      VPN.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        I can't see the admin user in the export tool also.

        There must be something wrong with your certificates. Check this again.

        For cert-auth you have to create a:

        • CA

        • server certificate

        • user certificate for each user

        Server certs and user certs for one VPN server must be from the same CA!
        The user certs may be created in the user manager.

        In VPN server setup you have to select one of the "SSL/TLS" server modes. Then you have to select the CA and the proper server cert.

        If this is done you can go to Client Export tool, select the VPN server if you have more then one and all users whos certificate is from the same CA as the one of the selected server should be listed for export there.

        1 Reply Last reply Reply Quote 0
        • J
          Jamerson
          last edited by

          do you mean create just users and assign the same CA to the user ?

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis
            last edited by

            The user certificates for all the users that connect to 1 server must all be under the same CA.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • J
              Jamerson
              last edited by

              @phil.davis:

              The user certificates for all the users that connect to 1 server must all be under the same CA.

              Thank you Phil,
              i just created a RADUIS configuration with my domain controllers and it works really great.
              thank you so much
              to other who might have the same issue or want to have a RADUIS to AD. please follow the below link.

              https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory
              
              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.