|
|
By creating individual SSL Certificates and per-User settings in /etc7openvpn/ccd/<cn_of_the_certificate> we're able to assign static IP addresses to our VPN clients. So far, so good. We also use "auth-user-pass" and the user needs to specify his/her email passwort to gain VPN access to our net. So far so good. But can I prevent a user from using HIS SSL certificate but somebody else's credentials? E.g. he/she uses the cert with the cn hildeb.vpn.charite.de, but uses the username "someotheruser" and the appropriate password? I wonder if it's possible to tie the use of the username hildeb to the certificate with the cn hildeb.vpn.charite.de, e.g. using a map that specifies: hildeb hildeb.vpn.charite.de otheruser otheruser.vpn.charite.de -- Ralf Hildebrandt (i.A. des IT-Zentrums) Ralf.Hildebrandt@xxxxxxxxxx Charite - Universitätsmedizin Berlin Tel. +49 (0)30-450 570-155 Gemeinsame Einrichtung von FU- und HU-Berlin Fax. +49 (0)30-450 570-962 IT-Zentrum Standort CBF send no mail to spamtrap@xxxxxxxxxx ____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users |