client-connect and client-disconnect

[panji]

Hi all, any idea how to configure client-connect and client-disconnect on the server side for OpenVPN AS?

TIA
panji

[BrnVrn]

Hi,

There is a text area in "Advanced VPN Settings" / "Additional OpenVPN Config Directives (Advanced)" / "Server Config Directives"

There, I typed:

Code: Select all

script-security 2
client-connect "/etc/openvpn/client-connect.sh"

The script has permission: 755.
it is as simple as:

Code: Select all

#!/bin/bash
exit 0

I still get this message in the /var/log/openvpnas.log :

client-connect command failed: could not execute external program

I don't understand what is wrong.

Bruno

[xauen]

Code: Select all

client-connect command failed: could not execute external program

Means there is really nothing to execute.

Try:

Code: Select all

#!/bin/bash
echo "this is only a test" >> /var/log/messages.log

and you should see some result

Also make it executable:

Code: Select all

chmod +x /etc/openvpn/client-connect.sh

[BrnVrn]

Thanks for your response.

The script has execute permission.
I also tried with echo "..." , but it doesn't change anything. (I saw ".. exit 0 .." advised on this forum to avoid any side effect.

I guess there are some chroot or special user involved.

In the meantime, I started from scratch with a CentOS and OpenVPN package.

It is sad as Access Server, looked quite useful at first.

Regards
Bruno

[xauen]

Can you post your server configs, probably you are using a "group nogroup" & "user nobody" in the configs. try removing that if you have it and check.

[BrnVrn]

I was using the OpenVPN Access Server appliance.

Do you want a dump of the config.db ? As explained in http://openvpn.net/index.php/access-ser ... erver.html

The Access Server run as openvpn_as:openvpn_as . I already tried to chown the script to this user without success.

Regards
Bruno

[xauen]

Seems better, lets see the logs