This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
vpn-server [2023/09/12 19:48] – [Routing notes] -formatting-capitalize Notes hogwild | vpn-server [2023/09/12 19:50] – [Adding certificate revocation lists] -capitalize heading hogwild | ||
---|---|---|---|
Line 402: | Line 402: | ||
- | ==== Adding | + | ==== Adding |
Within the CA, you can also revoke certificates as needed. Using your preferred CA management tool, you should be able to generate a Certificate Revocation List (CRL file). Adding this to the OpenVPN server should cause all client certificates to be checked against this revocation list. Clients which have their certificates listed in the CRL will not be able to connect. This is a common way to disable access to a VPN service on a per-user level. | Within the CA, you can also revoke certificates as needed. Using your preferred CA management tool, you should be able to generate a Certificate Revocation List (CRL file). Adding this to the OpenVPN server should cause all client certificates to be checked against this revocation list. Clients which have their certificates listed in the CRL will not be able to connect. This is a common way to disable access to a VPN service on a per-user level. | ||
Line 444: | Line 444: | ||
- | ==== Routing | + | ==== Routing |
It is possible to route all network traffic over the VPN. The OpenVPN configuration for this is fairly simple. However, you'' | It is possible to route all network traffic over the VPN. The OpenVPN configuration for this is fairly simple. However, you'' |