Page 1 of 1

Access Server push-route with openvpn-as

Posted: Wed Jun 12, 2019 9:50 am
by mobios
Hello,

OS: Ubuntu 18.04
openvpn-as:2.7.4-777bcfe6-Ubuntu18


with the opensource openvpn i used ccd to push routes to my clients like:

/etc/openvpn/ccd/username
push "route x.x.x.x x.x.x.x"

/etc/openvpn/server.conf
username-as-common-name
client-config-dir ccd


Did anyone know how i can do the same with openvpn-as ?
It was very cool if i can do that with a post-auth script

Please Help
mobios

Re: Access Server push-route with openvpn-as

Posted: Wed Jun 12, 2019 3:08 pm
by novaflash
You are supposed to use the web interface to give each user access to specific subnets using the access control functions there. Is there a particular reason you are not using those?

Re: Access Server push-route with openvpn-as

Posted: Thu Jun 13, 2019 8:22 am
by mobios
Hello novaflash,
thanks for your reply. I found out openvpn_as search ccd directory under /run/openvpn_as/ccd if i set:
client-config-dir ccd

The problem is after reboot the ccd directory will be deleted :(

I think i will do like you suggests novaflash with access control function in the web interface.

Re: Access Server push-route with openvpn-as

Posted: Thu Jun 13, 2019 9:09 am
by novaflash
Alright, it makes sense to use the recommended methods to give your users access. Also because of the fact that Access Server enforces these rules with iptables rules, so even if you force a route into the client side, and Access Server is not aware it needs to give access to resources, it would most likely end up being blocked in Access Server anyways. So try to use the recommended method, please.

If there is a convincing reason it needs to be done differently we'll take a look at this again.