What we did was created different profiles using local database TLS authentication and have the client connected via these profiles with the right users name and password but if multiples peoples connecting using the same profiles for some reason it get the same tunnel address, am not sure how to fix it, that what we want we want these users to be able to access our switches as it stage as our local networks is define as a /27 for each users profiles for these switches to do IOS/trap...etc.
--BON ----- Original Message ----- From: Jim Pingle Sent: 09/10/12 05:07 AM To: pfSense support and discussion Subject: Re: [pfSense] openVPN Bug? On 9/10/2012 7:47 AM, OSN | Marian Fischer wrote: > Client Setting: > Dynamic-IP: Allow connected clients to retain their connections if their IP address changes. > Address Pool: Provide a virtual adapter IP address to clients (see Tunnel Network) > > The problem: > If i connect to OpenVPN from an external Notebook with User-1 all works fine. > If i conncet simultaneously from a second Notebook with different IP but the same OpenVPN user (User-1) > the packets get confused ;) > Both connections get the same tun-IP. I think the way back of the Packets get split - some to notebook1 and some to notebook2. > > I think this is no feature ;) If you use the same certificate on two clients, it will do that. Or if you connect two clients to a shared key instance, it will do that. In the first case, you can check "Duplicate Connections" to allow multiple people to connect from the same certificate, but that is highly discouraged. Use SSL/TLS and give each client their own certificate and you'll be much better off. Jim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
