• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Does pfSense use OpenVPN Management Interface?

Scheduled Pinned Locked Moved Development
3 Posts 2 Posters 1.8k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pandafy
    last edited by Aug 26, 2021, 10:14 AM

    Hello! I am trying to find reason why it is not possible to override management interface configuration for OpenVPN in pfSense.

    Also, I would like to know how can I check runtime configuration of OpenVPN on pfSense.

    G 1 Reply Last reply Aug 26, 2021, 11:07 AM Reply Quote 0
    • G
      Gertjan @pandafy
      last edited by Aug 26, 2021, 11:07 AM

      @pandafy

      pfSense uses the "FreeBSD" OpenVPN from here : https://openvpn.net/community-downloads/ so it's a vey close to vanilla OpenVPN setup.
      What pfSense changes, it that you don't have to create a config file from scratch, the GUI will take care of that.

      Better yet : if you check that openvpn config file ( its here : /var/etc/openvpn/server1/config.ovpn ) you see that, among the entries that you entered in the GUI, there are other settings that pfSense (the GUI) adds '"behind the screens". Among them is : the access to the management interface.

      As you already found out in the ppost you linked, as management socket already exists.

      Because ..... that is the way how the Dashboard Server VPN widget 'scans' the OpenVPON server so it can update the dashboard info about a current connections.

      So, the answer to :

      Does pfSense use OpenVPN Management Interface?

      is : yes.

      Using the socket that is la ready there, you could also use this access to get information from the running OpenVPN process.
      A while back, there were many forum posts in the pfSense OpenVPN section about how to get more info about clients connecting.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      P 1 Reply Last reply Aug 26, 2021, 1:00 PM Reply Quote 1
      • P
        pandafy @Gertjan
        last edited by Aug 26, 2021, 1:00 PM

        Hello @gertjan!

        Thank you very much for clearing out my doubts.
        This was troubling me for quite a while that why there's a restriction in changing management interface.

        Even after adding management 127.0.0.1 7505 directive using Custom Options, the OpenVPN instance on pfSense always used a UNIX socket. (It opens a UNIX socket with IP address as name)

        Because ..... that is the way how the Dashboard Server VPN widget 'scans' the OpenVPN server so it can update the dashboard info about a current connections.

        This is the crucial information I was missing. I will check the documentation again to confirm if it is already mentioned there. If not, I will open an issue/pull request to add this.

        But now, I want to take a dive into the implementation of the "scan client" feature and would like to investigate why usage of TCP ports has been ruled out completely.

        It will be really helpful if you can provide links to related code or documentation which can give me a starting point.

        Again, thanks a lot. :)

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received