Deactivate Users from OpenVPN Server

[kaushalshriyan]

Hi,

I am running openvpn-2.4.9-1.el7.x86_64 on CentOS Linux release 7.8.2003 (Core) server. I have a specific question regarding disabling or deactivating VPN users once they leave the organization. Is there a method to revoke OpenVPN users from the command line?

I will appreciate if someone can pitch in for help. Thanks in Advance.

Best Regards,

Kaushal

[300000]

you need to use authentication on user name and password after than you need to user certificate on all user , everybody have a certificate and use revocation check list to disable or enable user on demand , if user base large it is nightmare to management huge number you need to keep certificates on secure

[kaushalshriyan]

Thanks for the reply. I will appreciate if you can point me to the document to add username password to the below mentioned configuration.

View OriginalServer config

server 10.8.0.0 255.255.255.0
verb 3
key /etc/openvpn/server.key
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
dh /etc/openvpn/dh.pem
keepalive 10 120
persist-key
persist-tun
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "route 192.168.0.0 255.255.255.0"
duplicate-cn
user nobody
group nobody
proto tcp
port 1198
dev tun
status /var/log/openvpn-status.log 60
status-version 2
log-append openvpn.log

View OriginalClient config

dev tun
proto tcp
remote 213.117.215.12 1198
cipher AES-256-GCM
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
key mukesh.key
cert mukesh.crt
ca ca.crt

Thanks in Advance.

Best Regards,

Kaushal

[300000]

your question is quite hard to answer , you need to do it yourself or going here to learn viewforum.php?f=16 after that you must do all of them and if something wrong come back here so people can help you .

when openvpn use more than one person so that is for commercial purport so consider going to openvpn access server is easy for you to management user than community version