My next step was to attempt something similar to what the big VPN service providers do, and have a few OpenVPN servers that can work in conjunction so that more clients would be able to join. E.g., if I give each client 50mbps on a 1gbps server I have around 20 clients at the most that can join; if I want any more I would need some other fallback servers.
Since each server will have different certificates, my initial idea was to generate an individual .ovpn file for each client on each server when a user is created on my website I'm currently working on. These files would get sent back to the main web server and zipped ready to be downloaded by the Windows client app. Then the client would be able to randomly select a file from this archive and attempt to connect to one, moving on to the next if the connection was unsuccessful.
All that seems fairly complex though, and before I implement such a thing on my web server I want to make sure I'm going about this the right way. Since I've not really had many dealings with networking and servers in the past, I'm just trying to create my own solutions for issues like these since I can't really find much information about it online.
So now comes the actual question: Am I actually over-complicating this setup and is there an easier way I can go about doing this?
Is there a way that I can make all my servers share the same ca.crt, and client certificates and keys, or would that cause a potential security concern? I ask this since if I can use the same certificates, I only need the singular <ca>, <cert>, <key> and <tls-crypt> tags, and can then list all my servers in the config as fallback servers like:
remote my.server1.com 443
remote my.server2.com 443
remote-random
Any help would be greatly appreciated. Thanks
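
The single-profile layout asked about above, as an added example that is not part of the original post: a Python function a web server could use to emit one .ovpn per user, listing every server as a fallback remote. It assumes every server presents a certificate issued by the same CA and loads the same tls-crypt key; `build_profile`, its parameters and the `proto tcp` default are choices made for this example.

```python
import re

# One DNS label: letters, digits and inner hyphens only.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_HOST_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})*")


def _inline(tag, body):
    """Wrap key material in an OpenVPN inline block such as <ca>...</ca>."""
    body = body.strip()
    if not body or "<" in body or ">" in body:
        raise ValueError(f"bad material for <{tag}>")
    return f"<{tag}>\n{body}\n</{tag}>"


def build_profile(remotes, ca, cert, key, tls_crypt, proto="tcp"):
    """Return one .ovpn text that lists every server as a fallback remote.

    Assumption: all servers share one CA and one tls-crypt key, so a single
    set of inline blocks is valid for whichever remote the client picks.
    """
    if proto not in ("tcp", "udp"):
        raise ValueError("proto must be tcp or udp")
    if not remotes:
        raise ValueError("need at least one remote")
    lines = ["client", "dev tun", f"proto {proto}"]
    for host, port in remotes:
        # fullmatch rejects newlines and spaces, so a hostname taken from a
        # database or form cannot smuggle extra directives into the profile.
        ok_host = len(host) <= 253 and _HOST_RE.fullmatch(host)
        ok_port = type(port) is int and 0 < port < 65536
        if not (ok_host and ok_port):
            raise ValueError(f"invalid remote: {host!r} {port!r}")
        lines.append(f"remote {host} {port}")
    # remote-random shuffles the list; remote-cert-tls makes the client
    # require a server-type certificate instead of accepting any CA-signed peer.
    lines += ["remote-random", "resolv-retry infinite", "nobind",
              "remote-cert-tls server"]
    for tag, body in (("ca", ca), ("cert", cert), ("key", key),
                      ("tls-crypt", tls_crypt)):
        lines.append(_inline(tag, body))
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed placeholder material, not real keys.
    servers = [("my.server1.com", 443), ("my.server2.com", 443)]
    print(build_profile(servers, "CA-PEM", "CERT-PEM", "KEY-PEM", "TLS-CRYPT-KEY"))
```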