Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Email Alert When VPN User Connects

    Scheduled Pinned Locked Moved IPsec
    8 Posts 4 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      fenichelar
      last edited by

      I have an IPsec VPN server setup on my pfSense box. The VPN is only for me to use on my laptop and mobile phone. I just use it to avoid opening ports for remote management. Is it possible to setup an email alert anytime a user connects to the VPN? I use a syslog server with email alerts so having a critical or emergency level log message would also work. Given my single user setup, an alert would provide great intrusion detection. Thanks for the help!

      1 Reply Last reply Reply Quote 0
      • N
        n3by
        last edited by

        have a look here:
        https://forum.pfsense.org/index.php?topic=99938.msg658294#msg658294

        1 Reply Last reply Reply Quote 0
        • F
          fenichelar
          last edited by

          @n3by:

          have a look here:
          https://forum.pfsense.org/index.php?topic=99938.msg658294#msg658294

          Mmmm. Looks promising but I don't see a connect script for IPsec.

          L 1 Reply Last reply Reply Quote 0
          • N
            n3by
            last edited by

            Sorry, If you can't find a solution for IPSec at least you know you can switch to OVPN and you will have email alert.

            1 Reply Last reply Reply Quote 0
            • L
              LamaZ @fenichelar
              last edited by

              Revival of the thread!

              With the recent rash of VPN vulns actively under attack I started paying more attention to my VPN logs. Yes, I can see all kinds of activity of people probing my FW.

              I don't have a solution implemented yet, but this is just a placeholder for when I have time. I'm thinking of implementing this based off of StrongSwan's connection section left|rightupdown script in ipsec.conf as suggested in this serverfault.com post. I just need to figure out how to wire it up.

              left|rightupdown = <path>

              what updown script to run to adjust routing and/or firewalling when the status of the connection
              changes (default ipsec _updown). Relevant only locally, other end need not agree on it.
              Charon uses the updown script to insert firewall rules only, since routing has been implemented directly
              into the daemon.

              Any chance for a feature request on a field somewhere in one of the Advanced tabs in the IPSec GUI where we could specify a custom left|rightupdown script?

              -LamaZ

              noplanN 1 Reply Last reply Reply Quote 0
              • noplanN
                noplan @LamaZ
                last edited by

                Use search function of forum

                There is a pretty fly
                Open vpn connect / disconnect script

                Check in myself later

                And yes we got something like this workin here

                BR Np

                L 1 Reply Last reply Reply Quote 0
                • L
                  LamaZ @noplan
                  last edited by

                  @noplan I searched and used google as well. Maybe my search terms are poor. Can you post a link here for IPSec VPN email notifications. We don't use OpenVPN. I saw the link above on OpenVPN which I plan to leverage the implementation, but the connection needs to be specific to IPSec.

                  noplanN 1 Reply Last reply Reply Quote 0
                  • noplanN
                    noplan @LamaZ
                    last edited by

                    @lamaz

                    oh boy /me so sorry only openVPN with nomadic users in use here
                    ip-sec only for site2site

                    sorry

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.