OpenVPN Connection Email Notifications

clifford64 · Apr 12, 2019, 12:17 AM

Hello

I have very little experience with php and packages in pfsense. In the past, I have used OpenVPN on an ubuntu host and ssmtp to send email notifications on connect and disconnect. I have seen a couple of posts about this sort of thing, but when trying to run the email commands manually, nothing comes through. I currently have the normal smtp settings setup and working within the pfsense notifications settings. Can anyone provide in depth instructions on what I need to configure and where to get email notifications on connect and disconnect?

Thanks.

Gertjan · Apr 12, 2019, 1:22 PM

Hi !

Experience isn't an issue here.
I have close to none, and worked something out in a couple of minutes.

Google will bring you very quickly to something like this : https://askubuntu.com/questions/28733/how-do-i-run-a-script-after-openvpn-has-connected-successfully - see the last reply.
It's states :

# nano /etc/openvpn/server.conf
.... 
script-security 2
client-connect /etc/openvpn/up.sh
....

( I have to admit that I have a copy of the OpenVPN server 'manual' - you can't use OpenVPN without it anyway - and it was mentioned in there ).

For pfSense, this would be :

Now, all you need is this notify.sh file.

I needed to figure out how a mail is send from pfSense.
That was far more easy as one might think.
All is here : /etc/inc/notify.inc

I wrote this file :

#!/usr/local/bin/php -q
<?php

        require_once("/etc/inc/notices.inc");
        notify_all_remote("VPN Connected");
?>

I put it in /root/ called it notify.sh and gave it exe rights.

chmod +x /root/notify.sh

I connected to my pfSense OpenVPN .... and received a mail.

Before you ask : yes, I guess it's possible to know what IP, what user etc is connecting. This means : diving into the OpenVPN manual again, etc.

clifford64 · Apr 13, 2019, 3:40 AM

I was able to get it working from your instructions. Thank you.

cofee · Mar 31, 2020, 4:29 PM

@Gertjan

Hi,

What you wrote, is a nice example. The principle of using the built-in notify is great. General messaging, with fixed content, works fine. But I can't put variables in the message. Please tell me how I can insert the values of $ {common_name} or ${untrusted_ip} into the message.

Thanks

noplan · Mar 31, 2020, 5:19 PM

in other words the way it was written down here

Link to post on this forum

cofee · Mar 31, 2020, 7:06 PM

@noplan

This link is very helpful, thank you!