JIMP - OpenVPN Tunnel Status just like IPSEC Status

fastcon68 · May 25, 2009, 5:17 AM

Jimp,
That killer widget that you wrote that for IPSEC Tunnel status, is it possible to have a OpenVPN Tunnel Status just like IPSEC Status?

I was just wondering? I just got everything working with OpenVPN instead of IPSEC.

RC

jimp · May 25, 2009, 3:01 PM

I've been working on one, off and on, a month or so.

There is no easy way to match up the tunnel configs with the running interfaces, and even when I thought I found ways around that I had issues. One side will appear as if it is up, when the tunnel may in fact be down, and some other weirdness here and there.

I haven't had a lot of time to dedicate to making it work. It does show the status for my home-to-work tunnel ok most of the time, but it still isn't perfect. Plus, the whole thing would need to be rewritten for 2.0 since it does things totally different.

Part of the problem is also collecting enough data about the different config scenarios to know how they show up for others…

eri-- · May 25, 2009, 5:09 PM

Take a look at the 2.0 status code.
Though i do not remember if opevpn in 1.2 is compiled with the options needed!

jimp · May 25, 2009, 5:16 PM

Thanks for the heads-up ermal, I'll look at it closer later. I gave it a passing glance at one time but haven't gone back to look in-depth. I only recall it being very different from 1.2.

fastcon68, I attached a screenshot of what it looks like for me at the moment, just for curiosity's sake.

jimp · May 25, 2009, 5:43 PM

@ermal:

Take a look at the 2.0 status code.
Though i do not remember if opevpn in 1.2 is compiled with the options needed!

I looked at it again and I see that's connecting back to the internal management function of OpenVPN. It's available in 1.2.x, but someone would have to manually add the code to enable it to their custom openvpn config options. Not exactly seamless…

I think what I'm doing now might work, I just need more data from different scenarios to match things up properly.

fastcon68 · May 26, 2009, 2:07 AM

I was looking at the OpenVPN Management Console. Do you think that we could at least create a portal to use that for monitoring the connections?
RC

jimp · May 26, 2009, 2:14 AM

@fastcon68:

I was looking at the OpenVPN Management Console. Do you think that we could at least create a portal to use that for monitoring the connections?
RC

After tinkering a bit, ermal may be right that it isn't all in the OpenVPN in use on 1.2.x. I can connect to the management console, but none of my clients show up in the status list. I need to try working with it a little more though.

It might be doable, but that may be beyond the scope of what could be added into 1.2.x by the time it is done, and it's already in 2.0

jimp · May 26, 2009, 5:42 AM

I uploaded a new version of the Dashboard package. It should have the alpha quality OpenVPN status widget in it if people want to give it a try and report back.

jimp · May 28, 2009, 10:53 AM

Anybody try it?

I'm curious to know if it actually works for anyone but me.

fastcon68 · May 29, 2009, 12:29 AM

I uploaded the new package. It looks like it is working. I give it some testing over the next few days.
RC

BrianBonnell · Aug 4, 2009, 9:37 PM

I've just enabled the widget. works great for one of my tunnels, but I have 2 others that show as down, when they are actually up. They are on different ports other than 1194. They are on 1195 and 1196. They are up and passing traffic, but the widget shows them as down.

jimp · Aug 15, 2009, 5:02 AM

On 1.2.x it's really hard to tie specific OpenVPN instances to their config. It's much easier on 2.0.
I'm not sure I'll ever get it working 100% on 1.2.x, it may not be worth the extra effort.