Scripts which allow the use of special authentication methods (LDAP, AD, MySQL/PostgreSQL, etc).
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
imjebran
- OpenVPN Power User
- Posts: 75
- Joined: Tue Jul 03, 2012 10:38 am
Post
by imjebran » Tue Apr 16, 2013 11:24 am
Hello,
My config file is.
tls-server
port 53
proto udp
topology subnet
dev tun
client-cert-not-required
username-as-common-name
ca "C:\\Program Files\\xxxx.crt"
cert "C:\\Program Files\\xxxxr.crt"
key "C:\\Program Files\\xxxxx.key"
dh "C:\\Program Files\\xxxxx.pem"
server xx.xxx.xx.224 255.255.255.224
push "redirect-gateway def1 bypass-dhcp"
cipher AES-256-CBC
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 8.8.4.4"
duplicate-cn
keepalive 10 120
tls-auth xxx.key 0 # This file is secret
comp-lzo
persist-key
persist-tun
status openvpn-status.log
management localhost 7505
log-append openvpn.log
verb 3
mute 20
route-method exe
script-security 3
auth-user-pass-verify "C:/xx/xxx.exe C:/xxx.php" via-file
How can I set openVPN assigned randomly IPs from this pool xx.xxx.xx.224 255.255.255.224.
Regards,
Jebran.
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
-
Contact:
Post
by janjust » Tue Apr 16, 2013 1:20 pm
normally, OpenVPN assigns addresses linearly; if you want to make it random you can use a 'client-connect' script to assign a random IP address . In this case you'd need to keep track of the assigned IPs yourself (in order to prevent the same IP from being handed out twice).
-
imjebran
- OpenVPN Power User
- Posts: 75
- Joined: Tue Jul 03, 2012 10:38 am
Post
by imjebran » Wed Apr 17, 2013 8:06 am
Hello Janjust,
Can you please advise any link from where I can get idea to apply this.
Regards,
Jebran.
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
-
Contact:
Post
by janjust » Wed Apr 17, 2013 8:44 am
for Windows servers, I have no idea - my best bet would be some PowerShell script , or perhaps even PHP - you seem to be using that already.
-
imjebran
- OpenVPN Power User
- Posts: 75
- Joined: Tue Jul 03, 2012 10:38 am
Post
by imjebran » Wed Apr 17, 2013 9:56 am
Thanks for the advise, can you provide any example script of linux based OpenVPN server.
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
-
Contact:
Post
by janjust » Wed Apr 17, 2013 10:36 am
I'd use 'topology subnet' to assing IPs and the rough idea for the client-connect would be something like
Code: Select all
#!/bin/bash
num_attempts=10
while [ $num_attempts -gt 0 ]
do
POOL=192.168.100
# generate the last IP digits randomly between 16 and 48
RANDIP=$POOL.`echo 16+32*$RANDOM/32768 | bc`
# not taken yet?
if [ ! -r /etc/openvpn/ip-pool/$RANDIP ]
then
# take it
touch /etc/openvpn/ip-pool/$RANDIP
# write out the ifconfig line to $1 which is picked up by openvpn
echo "push \"ifconfig $RANDIP 255.255.255.0\"" > $1
fi
let num_attempts--
done
echo "ERROR: could not assign a random address in 10 attempts - aborting!" 1>&2
and a 'client-disconnect' would delete the assigned IP:
Code: Select all
#!/bin/bash
rm -f /etc/openvpn/ip-pool/$ifconfig_pool_remote_ip
-
imjebran
- OpenVPN Power User
- Posts: 75
- Joined: Tue Jul 03, 2012 10:38 am
Post
by imjebran » Wed Apr 17, 2013 11:20 am
it will be helpful for us,
Thanks,
Jebran.