openvpn and fail2ban - banning methods [oconf]

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
achang
OpenVpn Newbie
Posts: 1
Joined: Fri Nov 12, 2021 6:56 pm

openvpn and fail2ban - banning methods [oconf]

Post by achang » Fri Nov 12, 2021 7:08 pm

Hello OVPN community,

My employer is currently using openvpn (community edition) and fail2ban to identify and act on malicious log in attempts. When a user has 3 failed log in attempts, it will ban that user by its IP address. The problem we are experiencing is when employees are in the office, all user IPs are funneled through the corporate IP. From the perspective of the VPN, all users have the same IP address, so when one user gets banned, all users get banned.

Has anyone experienced this with openvpn and fail2ban? If so, can fail2ban (in conjunction with ovpn) ban by user or some other attributes perhaps? I do have my reservations about banning by user (if an attacker knows the VPN username, then they can ban legit users by intentionally entering wrong passwords). Curious to see if others have alternative methods.

Thanks for your help in advance!!

Post Reply