Can I use –duplicate-cn option for a specific VPN account instead of using at server level?

Sabu asked:

If I use --duplicate-cn I am seeing it taking effect over all the accounts of my server. I want to make it per client basis, so that I can give this option only to select accounts. Is it possible?

My answer:

The duplicate-cn option does apply to the entire server, so in order to do this you will need to run two instances of OpenVPN (and they will have to run on different ports).

If you’re using EL7 or Fedora this is very easy to set up. Create /etc/openvpn/server1.conf and /etc/openvpn/server2.conf with your unique configurations, and then enable them both:

systemctl enable openvpn@server1
systemctl enable openvpn@server2
systemctl start openvpn@server1
systemctl start openvpn@server2

View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.