I have 5 people connecting to the same OpenVPN server. We are using smartcard authentication and PLAP. This is functioning well. Where things get odd is when a person reboots. When a Windows 10 client reboots, they get reconnected without having to reauth with the smartcard. The server logs them in without ever presenting the smartcard PIN/password prompt. Windows 11 clients are presented with the smartcard password box.
Another example: if all 5 are logged in to OpenVPN and I restart the OpenVPN server, only the 1 person running Windows 11 will be reprompted for their password. Windows 10 clients just reconnect using the smartcard cert without a prompt.
The client-side config files are identical except for the 'pkcs11-id' line in the file referencing the smartcard certs.
We also all use the same smartcard, YubiKey 5 FIPS.
The OpenVPN server must be remembering the cert for the connections somehow? Or maybe the smartcard is staying unlocked across reboots? Anyone think of any reason this might be happening?