how to restrict?

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
arvpnick
OpenVpn Newbie
Posts: 9
Joined: Wed Mar 16, 2011 2:10 am

how to restrict?

Post by arvpnick » Sun Apr 03, 2011 11:41 am

hi, let us say i have two vps and lets name them server1 and server2 and an openvpn installed on each of them so that my clients have options where to connect whether in server1 or in server2.

i tried to generate the same username and password for my client in the two servers so that he will have a unique username and password for both servers.

my problem is i tried connecting to the two server using my two computers at the same time using the same password and username i generated and i was able to connect to the internet that is why what i want is, is there a way for me to restrict my client from connecting to the server at the same time in case he has two computers too?
thanks in advance.

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: how to restrict?

Post by maikcat » Mon Apr 04, 2011 9:12 am

hi there,


you can block 2 users trying to connect concurrently if you are
using certificates by removing duplicate-cn statement from your server config..


Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: how to restrict?

Post by janjust » Mon Apr 04, 2011 10:19 am

Michael,

this is the second thread this user opened on the subject; the previous thread died out because somebody gave a hint/pointer but apparently that wasn't enough.

As for the topic: restricting users to a single server (out of 2) is possible, but not trivial. You will need to synchronize the connected users between the two different servers. This can be done using a 'client-connect' script (and corresponding 'client-disconnect') . This script would then write out to a file or database, which is shared between both servers, that user X is connecting via Server 1 or 2; upon disconnection the entry is removed.
As stated, this is not trivial and will require some effort.

Post Reply