On 11.01.24 20:35, Peter Davis via Openvpn-users wrote:
On Wednesday, January 10th, 2024 at 11:25 AM, Gert Doering <g...@greenie.muc.de> wrote:On Wed, Jan 10, 2024 at 07:53:35AM +0000, Peter Davis wrote:True, but I don't want to create a key for each employee in the department.Abandon that thought. We've been here before: you need unique keys per user, everything else will just make your life painful and miserable.If each user has their own key, then there should be a Client.conf file for each user, which itself contains a unique IP address, a unique port and a unique TUN. For example, for 100 users, there are 100 configuration files, 100 IP addresses, 100 open ports and 100 TUNs.
Please specify whether you're talking about the server or the client side setup; you're mostly wrong either way, but for different reasons.
Unless you're setting up the most unused VPN solution ever, though, you *do* need separate cert+privkey pairs for every *device* connecting to the VPN.
Kind regards, -- Jochen Bern Systemingenieur Binect GmbH
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
