Provide multiple hostnames/IP addresses for clients

[AMDBartek]

Have the option to provide multiple ports and hostnames/IP addresses while installing OpenVPN using the script.

This would be useful if a place has a firewall and the default port is blocked but you provided multiple ports so it can use another port that you provided like 443 or 80. It could also be useful if a firewall blocks hostnames because it can use a provided IP address to directly connect without the hostname.

This feature would be extremely useful for me so I would be very grateful if this could be implemented.

[angristan]

For the ports: #542

For the hostname/IP, this is on the client side, not something that the script can manage except upon creation

[AMDBartek]

@angristan I mean while installing OpenVPN (upon creation) using the script, where it asks you to give a IP/hostname there should be an option to provide multiple IPs/hostnames, sorry for the confusion.

[angristan]

@AMDBartek okay, but what would you do with multiple IPs/hostnames?

[AMDBartek]

@angristan, For example, a computer has multiple external IP addresses/hostnames and one of the IP addresses/hostnames gets blocked by a firewall on a network that you don't own you could connect with the other IP addresses/hostnames. I would appreciate this being added to the script.

[angristan]

Yes but that is simply not supported by OpenVPN.

[AMDBartek]

But if my computer has multiple external IP addresses/hostnames couldn't I connect from both of them?

[AMDBartek]

It is supported by OpenVPN, the client-template.txt file could contain something like this as the client ovpn file can have multiple remote listed and I don't see why this couldn't be implemented in the script. Down below is an example of a client ovpn file with multiple remote
listed:

client
proto udp
remote hostname1.example.com 443
remote hostname2.example.com 443
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_EEFghRTwEmCTByUu name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3

[angristan]

Thanks, you're correct indeed:

https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/

On the client, multiple –remote options may be specified for redundancy, each referring to a different OpenVPN server.

[randshell]

I don't think it's a very common use case with a private openvpn server but maybe it can be useful for #464

@AMDBartek you can edit /etc/openvpn/client-template.txt to include this option on new profiles.

[moonprogrammer]

Nowadays each Server/VPS comes with about 1-IPv4 at least. Installing on multiple servers will increase the security instead of using one server to centralize everything @angristan ?