Re: [Openvpn-users] : ifconfig-pool-persist option

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

 Hi Jeremy,

 After you add the --duplicate-cn option no entries are written to the 
 persist file anymore.

 From my pov the only way for your use case is to configure 
 --client-cert-not-required
 and --username-as-common-name which results in persist entries of the 
 form "username,ip".

 Furthermore you should enable --tls-auth to prevent connection attempts 
 from malicious clients.

 Mathias.

 On Tue, 27 May 2014 10:07:12 +0200, Jeremy Hustache wrote:

> Hi,
>
> I have a question about the ifconfig-pool-persist option behaviour:
> Does this option deal with Common Name only ? (Is it possible to do
> association between username and IP address instead of CN and IP 
> address) ?
> On my server configuration, I use --duplicate-cn option and
> --username-as-common-name
> Is it possible to have persistent IP address for clients based on 
> their
> username (or an other information which is not the CN).
>
> Thanks for your precisions.

Re: [Openvpn-users] : ifconfig-pool-persist option

Robust and flexible VPN network tunnelling

Re: [Openvpn-users] : ifconfig-pool-persist option