I want to see the users that logon and logoff from/with Openvpn on our Pfsense machine. (they connect with cerificates) I do not see any authenticated log rules. The rest i see in our syslog file
I have made an export to syslog (export pfsense-Openvpn log.)
I want to see
Ask OpenVPN to show the details.
to the maximum value.
Expect a lot of details.
@Gertjan Thank You
Thats a lot of information but not al little overkill
. It still not clear on when a user exactly connect and disconnect
With the OpenVPN RAS Verbosity Level set to default I see those two lines after a User authenticated successfully:
Mar 23 15:57:01 openvpn 62926 CLIENTIP:CLIENTPORT [USERNAME] Peer Connection Initiated with [AF_INET]CLIENTIP:CLIENTPORT Mar 23 15:57:01 openvpn user 'USERNAME' authenticated
It still not clear on when a user exactly connect and disconnect
Have a look here.
Very recently, some threads discussed just that : VPN connect and disconnect notifications. SEnd to you by mail, etc.
Log with a matching User/Cert but wrong password:
Mar 23 16:02:42 openvpn user 'USERNAME' could not authenticate.
Log with a wrong (unknown) User:
Mar 23 16:05:15 openvpn Username does not match certificate common name (WRONGUSER != USERNAME), access denied.
@Rico the first line i found. the second log line i did not found.
The connect line is found.
But the disconnect line in the logfile is not so clear
the only rule is this one. The problem is that i does not say the username. Only that some one disconnects.
openvpn: MANAGEMENT: Client disconnected
@Rico we only use certificates without the username part.
@Gertjan but thats different right? i use syslog and not direct php on the pfsense system