By janrohweder
Hi there,
The short version:
Is it possible to have dynamic OpenVPN configurations based on the client profile that is connected to it?
The long version:
I was able to successfully set up an OpenVPN server on Ubuntu 16.04 with the help of this awesome tutorial: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-16-04
I have been using the VPN service with my computer since a couple of days and everything works amazingly well. I am still relatively new to the VPN server world, but I would like to try to improve the setup for my private use.
I followed this tutorial below to set up Pi Hole for DNS based Ad blocking: https://www.cyberciti.biz/faq/ubuntu-linux-install-pi-hole-with-a-openvpn/
This worked also without many issues, almost too well. However, sometimes I would not like to use it. Then I usually connect via SSH and change the DNS “dhcp-option” lines back to Google’s nameservers. This was the first time when I wondered if I could control the OpenVPN configuration based on the client profile that is connected to it? In best case I would have two profiles that utilize different OpenVPN configurations. Is this possible?
Secondly, due to my local internet connection, I noticed that the connection between my computer and the VPN (in another country) is sometimes very slow. It would be amazing if I could create a droplet in a region closer to my location, essentially resulting in this set up.
My computer -> VPN Connection -> Droplet 1 (close to my region) -> VPN Connection -> Droplet 2 (in target region) -> Default or VPN Connection -> Target Service
I assume that I could set up a OpenVPN server and client in Droplet 1 running at the same time. That would create a network as outlined above. But again I have the big question, if I could create multiple client profiles and depending with which profile I connect, I could control if I use the network as outlined above or maybe directly connect with Droplet 1 to the target service. Essentially is it possible to have dynamic OpenVPN configurations based on the client profile that is connected to the service?
With my beginner knowledge, I read that Tinc supports multiple nodes easily, but at the same time many users seem to prefer OpenVPN over Tinc.
In case it is relevant, I come from a web development background (PHP,JavaScript,etc.), but I also know my way around in bash scripting, Java and C++.
Any help, even just links that help me to better understand the possibilities.
Thank you,
Jan
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi @hansen ,
Thank you for your reply. Actually the target service is the least relevant item (in my point of view). I use the VPN for multiple services, but all of them are web services if that is what you are asking fo, e.g. websites, but also some custom applications through custom defined ports. This part is working fine as it is right now. I am more interested if there is some sort of dynamic configs for OpenVPN where I can change OpenVPNs config based on the client profile that connects to it.
Thank you for your response. I really appreciate you taking the time. The bottleneck is my local connection to Droplet 2. (the government of the country where I am currently living is limiting bandwidth to some western countries at specific times). That is why I would like to be able to connect to a droplet that is as close as possible to my location and then let that droplet connect to my target droplet. This way I overcome the local bandwidth limitation. However, I sometimes maybe want to connect to Droplet 1 without connecting to Droplet 2, hence the dynamic configuration I anticipate.
Regarding the DNS configuration, that tip is amazing! I will have a closer look at customizing the profiles.
Thank you.
I am located in Thailand at the moment. In the evenings connections to the USA and to Europe become horrible due to a limited bandwidth allowance of the local ISPs. However, I would like to connect to services in the USA and Europe through the VPN service running on the droplets with improved connection stability (stability is more important than latency to me). So I intend to create another droplet in Singapore. Based on my tests connections to Singapore work most of the time great here and then have that droplet connect to either the droplet in the US or in Europe, in best case based on the client profile I connect with.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.