Switch OpenVPN clients on a schedule
-
I'm looking for a way to switch which OpenVPN client is connected based on the time of day. Research suggests there's no obvious way to do this today so before I go start writing something, I'd just like to make sure I'm not missing anything.
Basically, during the day I want to route thru VPN servers close to me for best performance while I'm working, etc. In the evening, I'd prefer to route thru the US for Netflix, etc. I'd just like this to happen automatically without having to deal with it.
I've got some ideas on how to do it quick and simple, but if this is something others are also interested in I might put a little more effort into it and try to build it into the ui, etc. and submit a PR.
-
you probably could use schedules and policy routing todo that. (generally its best to use PASS rules when using schedules, as its easier to match the active states).
so basically you'd just have all openvpn clients connected all the time, but use their individual gateways & policy-routing to send you through the correct vpn at that time/day/schedule
-
Yeah, I sort of have it working like that right now. The problem is my VPN provider only allows 3 connections to be active at a time. So when I can afford to keep two connections up on pfsense then this works fine and I have the schedules setup as wanted. But if I forget to drop a connection during the day and head out with my phone and laptop and need to make a connection with those devices then I get refused if I have more than one connection on pfsense running. Yeah, it's just a matter of connecting to my pfsense vpn server, logging into webadmin and dropping the connection, but that's just more manual work and especially inconvenient when I need to just get my device connected.
So really, the ideal situation is at 6am pfsense connects to a local vpn server for the work day. And at 7pm it drops that connection and connects to the US server until the next morning. Basically I'm looking to add schedules to the vpn client connections themselves.
-
@SirJohnEh:
Basically I'm looking to add schedules to the vpn client connections themselves.
I would be interested in this possibility as well. Did you find a way to do that?
-
I haven't started on it yet, but it's on my things to do list.
-
@SirJohnEh:
I haven't started on it yet, but it's on my things to do list.
I reviewed this topic and found the way.
We can use Cron. Don't know how much you are familiar with this *nix stuff but this serves exactly to our purpose and PfSense has a wonderful GUI to use it very simply.Just install the package and then configure it according to this page:
https://www.freebsd.org/doc/en/books/handbook/configtuning-cron.htmlBear in mind that openvpn config files are located in this dir: /var/etc/openvpn
Each client that you configured via the PfSense GUI has a clientX.conf file where the X is the number of your client. To start the OPenVPN client you will need to configure 2 cron lines for each of them. The first will start the client and second line will kill it at a prdefined time. To make things better you can eventually arrange a shell script that before start or stop the openvpn client will check if a PID for it is running.Please let me know if you need any help on this and I'll be glad to provide more info.
Zeno