Download page Multiple Users with Individual VPNs Sharing One Endpoint.
Multiple Users with Individual VPNs Sharing One Endpoint
Solution Based on Experience from the Field
This article provides a solution that has not been approved by the IGEL Research and Development department. Therefore, official support cannot be provided by IGEL. Where applicable, test the solution before deploying it to a productive environment.
The trick is that we have to get all the users' OpenVPN config files (.ovpn) named as <username>.ovpn and placed under /wfs
We then have this script /wfs/openvpn/connect.sh
---
#!/bin/bash
Requirements:
- all users' ovpn config file needs to be in /wfs/`
Initialise variables answer=-1 declare -a profiles=($(cd /wfs ; ls *ovpn | sed -e 's/\.ovpn//' | tr '\n' ' ')) count=${#profiles[@]}
Loop until a valid profile index is selected until [ $answer -ge 0 -a $answer -lt ${count} ]; do clear for((i=0;i<${count};i++)); do echo "${i}: ${profiles[${i}]}" done; read -p "Select the number corresponding to your account: " answer done
export variable vpnuser in case a child process needs it (probably overkill) export vpnuser=${profiles[${answer}]}
Provide a name server only if one is not already installed grep -q 192.168.1.222 /etc/resolv.conf || echo "nameserver 192.168.1.222" >> /etc/resolv.conf
Start the openvpn client openvpn --config /wfs/${vpnuser}.ovpn --daemon
---
(The nameserver bit is required. It needs to be an internal DNS server, not sure how you'd generalize this)
Next we have a custom application with "Command" as: