Hello OVPN community,
My employer is currently using openvpn (community edition) and fail2ban to identify and act on malicious log in attempts. When a user has 3 failed log in attempts, it will ban that user by its IP address. The problem we are experiencing is when employees are in the office, all user IPs are funneled through the corporate IP. From the perspective of the VPN, all users have the same IP address, so when one user gets banned, all users get banned.
Has anyone experienced this with openvpn and fail2ban? If so, can fail2ban (in conjunction with ovpn) ban by user or some other attributes perhaps? I do have my reservations about banning by user (if an attacker knows the VPN username, then they can ban legit users by intentionally entering wrong passwords). Curious to see if others have alternative methods.
Thanks for your help in advance!!
openvpn and fail2ban - banning methods [oconf]
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 1
- Joined: Fri Nov 12, 2021 6:56 pm