Page 1 of 1
static IP for auth-pam or mysql auth
Posted: Tue Apr 26, 2011 4:24 am
by djsb
Hi all,
I would like to deliver a static IP for each client based on the authentication which could be pam or mysql.
Is this possible? Any direction you can share?
best regards,
Re: static IP for auth-pam or mysql auth
Posted: Tue Apr 26, 2011 9:22 am
by janjust
yes this is possible.
Use the auth-pam plugin to authenticate users; then use a 'client-connect' script to map the authenticated username to a specific IP. The 'client-connect' script can write out client-specific include options using
Code: Select all
script-security 2
client-connect </full/path/to/script/file>
I'd use a simple text file (or mysql database) to match the usernames against the IPs you want, e.g.
The script would do something like
Code: Select all
#!/bin/bash
IP=`awk "/$username/{ print $2}" client-ips.txt`
echo "ifconfig-push $IP 255.255.255.0" > $1
Re: static IP for auth-pam or mysql auth
Posted: Thu May 05, 2011 1:20 am
by djsb
Thanks for your prompt post. I've used mysql-auth and i can auth correctly, but it seems that the server is ignoring your script on client connect.
The script gets called because i get a new .tmp file on the directory containing the username and the desired ip, but still the client gets another ip.. Is there something i'm missing? Maybe on the client itself?
Re: static IP for auth-pam or mysql auth
Posted: Sun Feb 21, 2016 12:37 pm
by asdfg
Hello, i tried to use your script but i have following error:
Code: Select all
Options error: cannot parse --ifconfig-push addresses
server.conf
Code: Select all
# cat server.conf
port 1194
proto tcp
dev tun
ca keys/ca.crt
cert keys/cert.crt
key keys/cert.key
dh keys/dh2048.pem
server 10.8.0.0 255.255.255.0
keepalive 10 120
#comp-lzo
user nobody
group nogroup
persist-key
persist-tun
client-cert-not-required
script-security 2
client-connect /etc/openvpn/push-ip.sh
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so login
status openvpn-status.log
log /var/log/openvpn.log
verb 3
Re: static IP for auth-pam or mysql auth
Posted: Thu Jan 18, 2018 2:38 pm
by spykey
Hi all,
did anyone manage to get username and password on mysql to work?
If yes, could you please share your server.conf, client.conf and pam/openvpn please?
thanks