OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

static IP for auth-pam or mysql auth

https://forums.openvpn.net/viewtopic.php?t=8005

Page 1 of 1

static IP for auth-pam or mysql auth

Posted: Tue Apr 26, 2011 4:24 am
by djsb
Hi all,

I would like to deliver a static IP for each client based on the authentication which could be pam or mysql.
Is this possible? Any direction you can share?

best regards,

Re: static IP for auth-pam or mysql auth

Posted: Tue Apr 26, 2011 9:22 am
by janjust
yes this is possible.

Use the auth-pam plugin to authenticate users; then use a 'client-connect' script to map the authenticated username to a specific IP. The 'client-connect' script can write out client-specific include options using

Code: Select all

script-security 2
client-connect </full/path/to/script/file>
I'd use a simple text file (or mysql database) to match the usernames against the IPs you want, e.g.

Code: Select all

user1 ip1
user2 ip2
user3 ip3
The script would do something like

Code: Select all

#!/bin/bash
IP=`awk "/$username/{ print $2}" client-ips.txt`
echo "ifconfig-push $IP 255.255.255.0" > $1

Re: static IP for auth-pam or mysql auth

Posted: Thu May 05, 2011 1:20 am
by djsb
Thanks for your prompt post. I've used mysql-auth and i can auth correctly, but it seems that the server is ignoring your script on client connect.

The script gets called because i get a new .tmp file on the directory containing the username and the desired ip, but still the client gets another ip.. Is there something i'm missing? Maybe on the client itself?

Re: static IP for auth-pam or mysql auth

Posted: Sun Feb 21, 2016 12:37 pm
by asdfg
Hello, i tried to use your script but i have following error:

Code: Select all

Options error: cannot parse --ifconfig-push addresses
server.conf

Code: Select all

# cat server.conf
port 1194
proto tcp
dev tun
ca keys/ca.crt
cert keys/cert.crt
key keys/cert.key
dh keys/dh2048.pem
server 10.8.0.0 255.255.255.0
keepalive 10 120
#comp-lzo
user nobody
group nogroup
persist-key
persist-tun
client-cert-not-required
script-security 2
client-connect /etc/openvpn/push-ip.sh
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so login
status openvpn-status.log
log /var/log/openvpn.log
verb 3

Re: static IP for auth-pam or mysql auth

Posted: Thu Jan 18, 2018 2:38 pm
by spykey
Hi all,
did anyone manage to get username and password on mysql to work?

If yes, could you please share your server.conf, client.conf and pam/openvpn please?

thanks
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/