Hi all,
I would like to deliver a static IP for each client based on the authentication which could be pam or mysql.
Is this possible? Any direction you can share?
best regards,
static IP for auth-pam or mysql auth
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 2
- Joined: Tue Apr 26, 2011 4:22 am
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: static IP for auth-pam or mysql auth
yes this is possible.
Use the auth-pam plugin to authenticate users; then use a 'client-connect' script to map the authenticated username to a specific IP. The 'client-connect' script can write out client-specific include options using
I'd use a simple text file (or mysql database) to match the usernames against the IPs you want, e.g.
The script would do something like
Use the auth-pam plugin to authenticate users; then use a 'client-connect' script to map the authenticated username to a specific IP. The 'client-connect' script can write out client-specific include options using
Code: Select all
script-security 2
client-connect </full/path/to/script/file>
Code: Select all
user1 ip1
user2 ip2
user3 ip3
Code: Select all
#!/bin/bash
IP=`awk "/$username/{ print $2}" client-ips.txt`
echo "ifconfig-push $IP 255.255.255.0" > $1
-
- OpenVpn Newbie
- Posts: 2
- Joined: Tue Apr 26, 2011 4:22 am
Re: static IP for auth-pam or mysql auth
Thanks for your prompt post. I've used mysql-auth and i can auth correctly, but it seems that the server is ignoring your script on client connect.
The script gets called because i get a new .tmp file on the directory containing the username and the desired ip, but still the client gets another ip.. Is there something i'm missing? Maybe on the client itself?
The script gets called because i get a new .tmp file on the directory containing the username and the desired ip, but still the client gets another ip.. Is there something i'm missing? Maybe on the client itself?
-
- OpenVpn Newbie
- Posts: 1
- Joined: Sun Feb 21, 2016 2:59 am
Re: static IP for auth-pam or mysql auth
Hello, i tried to use your script but i have following error:
server.conf
Code: Select all
Options error: cannot parse --ifconfig-push addresses
Code: Select all
# cat server.conf
port 1194
proto tcp
dev tun
ca keys/ca.crt
cert keys/cert.crt
key keys/cert.key
dh keys/dh2048.pem
server 10.8.0.0 255.255.255.0
keepalive 10 120
#comp-lzo
user nobody
group nogroup
persist-key
persist-tun
client-cert-not-required
script-security 2
client-connect /etc/openvpn/push-ip.sh
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so login
status openvpn-status.log
log /var/log/openvpn.log
verb 3
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Jan 18, 2018 2:34 pm
Re: static IP for auth-pam or mysql auth
Hi all,
did anyone manage to get username and password on mysql to work?
If yes, could you please share your server.conf, client.conf and pam/openvpn please?
thanks
did anyone manage to get username and password on mysql to work?
If yes, could you please share your server.conf, client.conf and pam/openvpn please?
thanks