pfSense Support Subscription

Author Topic: client options  (Read 1284 times)

0 Members and 1 Guest are viewing this topic.

Offline ichtus

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
client options
« on: April 03, 2012, 03:39:23 pm »
hy i have one openvpn server and 2 clients
server have in advanced configuration this option:
push "route 192.168.2.0 255.255.255.0";push "route 192.168.1.0 255.255.255.0"

and in client settings:
Enable NetBIOS over TCP/IP

i want that 1 user to use this settings (i know for that i must do nothing :)
and secondary user to not have push route options and NetBIOS.
Can somebody help to do that?
Thank you!

Offline Nachtfalke

  • Hero Member
  • *****
  • Posts: 2753
  • Karma: +0/-0
    • View Profile
Re: client options
« Reply #1 on: April 03, 2012, 03:53:41 pm »
Do a client specific configuration (CSC).

Just add the routes for the one client and not for the other. The same with NetBIOS.
For this you must use SSL/TLS because you need the CommonName of the Cert for the CSC.

Offline ichtus

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: client options
« Reply #2 on: April 03, 2012, 04:44:44 pm »
ok, i aheve ssl/tls, but where i found client's X.509 common name?

Offline Nachtfalke

  • Hero Member
  • *****
  • Posts: 2753
  • Karma: +0/-0
    • View Profile
Re: client options
« Reply #3 on: April 04, 2012, 09:15:06 am »
ok, i aheve ssl/tls, but where i found client's X.509 common name?

In pfsense Cert manager - if you created certs there. CommonName is the same as CN

Offline ichtus

  • Newbie
  • *
  • Posts: 16
  • Karma: +0/-0
    • View Profile
Re: client options
« Reply #4 on: April 04, 2012, 10:28:09 am »
if i use the name from CAs not working if i use the name from certificates not working

Offline Nachtfalke

  • Hero Member
  • *****
  • Posts: 2753
  • Karma: +0/-0
    • View Profile
Re: client options
« Reply #5 on: April 04, 2012, 01:03:59 pm »
if i use the name from CAs not working if i use the name from certificates not working

Go to certificates -> create a cert (for testing) and scroll down. there you will find the field "Common name". That's it.
Every cert has a common name.