Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Patch for OpenVPN Status package (pfSense 1.2.3) - custom management IP and port

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 3 Posters 5.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      Xaox
      last edited by

      I have 2 instances of OpenVPN running.  One is UDP 1194, and the other is TCP 1194.  That would make it impossible to use the status page as written since they would both have to be on 127.0.0.1, port 1194.

      I added a little code to find the "management <ip address=""><port>;" in the custom options and just connect based on that.  The diff and new status pages are attached.

      You can now use any IP and port for the OpenVPN management interface.
      status_openvpn.php.diff.txt
      status_openvpn.php.txt</port></ip>

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Thanks!

        I kept meaning to do this but haven't had time. I'll give it a spin and commit it when I get a few minutes.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • Z
          zalex_ua
          last edited by

          If I have only one connection, then the command 'status 2' from the console returns:

          OpenVPN STATISTICS
Updated,Sat Sep 25 23:19:49 2010
TUN/TAP read bytes,480768
TUN/TAP write bytes,472879
TCP/UDP read bytes,619536
TCP/UDP write bytes,630532
Auth read bytes,473090
pre-compress bytes,171360
post-compress bytes,168716
pre-decompress bytes,66444
post-decompress bytes,71231
END

          As you can see there is no "CLIENT_LIST" text, and as a result, the table in the web interface there is no row.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Need a lot more info than just that to go on (at least whether you're talking about as a PKI server, PKI client, or shared key client), but really the test would be whether or not that works properly on 2.0. It might work there since it's a newer version of OpenVPN. I know I've seen data in that screen with only one client connected before.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • Z
              zalex_ua
              last edited by

              @jimp:

              Need a lot more info than just that to go on (at least whether you're talking about as a PKI server, PKI client, or shared key client), but really the test would be whether or not that works properly on 2.0. It might work there since it's a newer version of OpenVPN. I know I've seen data in that screen with only one client connected before.

              my system:
              pfSense 1.2.3-RELEASE
              OpenVPN 2.0.6 i386-portbld-freebsd7.2

              some part of my OpenVPN configuration:
              Mode -> Server
              TCP, custom port
              Authentication method -> Shared key (not PKI)
              Custom options -> dev tap

              Server has one incoming permanent connection.

              I check client OpenVPN 2.1.1 in other side: result of 'status 2' command is the same as in my previous post

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                The management interface status has never worked (And still doesn't) with shared key servers. Shared key clients are different as well.

                The status screen is mainly meant for PKI users.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.