Email Alert When VPN User Connects
-
I have an IPsec VPN server setup on my pfSense box. The VPN is only for me to use on my laptop and mobile phone. I just use it to avoid opening ports for remote management. Is it possible to setup an email alert anytime a user connects to the VPN? I use a syslog server with email alerts so having a critical or emergency level log message would also work. Given my single user setup, an alert would provide great intrusion detection. Thanks for the help!
-
have a look here:
https://forum.pfsense.org/index.php?topic=99938.msg658294#msg658294 -
have a look here:
https://forum.pfsense.org/index.php?topic=99938.msg658294#msg658294Mmmm. Looks promising but I don't see a connect script for IPsec.
-
Sorry, If you can't find a solution for IPSec at least you know you can switch to OVPN and you will have email alert.
-
Revival of the thread!
With the recent rash of VPN vulns actively under attack I started paying more attention to my VPN logs. Yes, I can see all kinds of activity of people probing my FW.
I don't have a solution implemented yet, but this is just a placeholder for when I have time. I'm thinking of implementing this based off of StrongSwan's connection section left|rightupdown script in ipsec.conf as suggested in this serverfault.com post. I just need to figure out how to wire it up.
left|rightupdown = <path>
what updown script to run to adjust routing and/or firewalling when the status of the connection
changes (default ipsec _updown). Relevant only locally, other end need not agree on it.
Charon uses the updown script to insert firewall rules only, since routing has been implemented directly
into the daemon.Any chance for a feature request on a field somewhere in one of the Advanced tabs in the IPSec GUI where we could specify a custom left|rightupdown script?
-LamaZ
-
Use search function of forum
There is a pretty fly
Open vpn connect / disconnect scriptCheck in myself later
And yes we got something like this workin here
BR Np
-
@noplan I searched and used google as well. Maybe my search terms are poor. Can you post a link here for IPSec VPN email notifications. We don't use OpenVPN. I saw the link above on OpenVPN which I plan to leverage the implementation, but the connection needs to be specific to IPSec.
-
oh boy /me so sorry only openVPN with nomadic users in use here
ip-sec only for site2sitesorry