is it possible to disconnect a user from the server?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVPN Power User
- Posts: 72
- Joined: Wed Jul 22, 2020 7:46 pm
is it possible to disconnect a user from the server?
Hello,
I have been struggling to find a way to disconnect a specific user from the OpenVPN server.
Is there a way to achieve that? Any hints please?
Or alternatively do you know if there is plugin for OpenVPN to handle CoA (Change-Of-Authorisation) requests?
Many Thanks,
I have been struggling to find a way to disconnect a specific user from the OpenVPN server.
Is there a way to achieve that? Any hints please?
Or alternatively do you know if there is plugin for OpenVPN to handle CoA (Change-Of-Authorisation) requests?
Many Thanks,
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: is it possible to disconnect a user from the server?
See --management
-
- OpenVPN Power User
- Posts: 72
- Joined: Wed Jul 22, 2020 7:46 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: is it possible to disconnect a user from the server?
Yes, it is also documented in the manual.
-
- OpenVPN Power User
- Posts: 72
- Joined: Wed Jul 22, 2020 7:46 pm
Re: is it possible to disconnect a user from the server?
Alrighty,
So I got connected to the management interface via telnet.
And I can see that I'm logged in.
How can I disconnect the user `houmie`?
Looking at --help, all I see is kill, which doesn't seem to be able to kill/disconnect by username. Am I missing something?
So I got connected to the management interface via telnet.
And I can see that I'm logged in.
Code: Select all
admin@de-vpn-1:~$ telnet localhost 1222
Trying 127.0.0.1...
Connected to localhost.local.
Escape character is '^]'.
>INFO:OpenVPN Management Interface Version 3 -- type 'help' for more info
status 3
TITLE OpenVPN 2.5.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021
TIME 2021-05-11 13:38:42 1620740322
HEADER CLIENT_LIST Common Name Real Address Virtual Address Virtual IPv6 Address Bytes Received Bytes Sent Connected Since Connected Since (time_t) Username Client ID Peer ID Data Channel Cipher
CLIENT_LIST clientDeVpn1 89.32.xxx.xxx:46302 10.8.0.2 280940 633030 2021-05-11 13:37:30 1620740250 houmie 0 0 AES-128-GCM
HEADER ROUTING_TABLE Virtual Address Common Name Real Address Last Ref Last Ref (time_t)
ROUTING_TABLE 10.8.0.2 clientDeVpn1 89.32.xxx.xxx:46302 2021-05-11 13:38:41 1620740321
GLOBAL_STATS Max bcast/mcast queue length 0
END
Looking at --help, all I see is kill, which doesn't seem to be able to kill/disconnect by username. Am I missing something?
-
- OpenVPN Power User
- Posts: 72
- Joined: Wed Jul 22, 2020 7:46 pm
Re: is it possible to disconnect a user from the server?
And I just tried , it can successfully kill the connection, but the client remains connected. That's bad, because the client has no idea. It should ideally disconnect instead of kill.
Code: Select all
kill 89.32.xxx.xxx:46302
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: is it possible to disconnect a user from the server?
If you are looking for a way to inform the user that they have been disconnected by the server
then you are going to be disappointed ..
I believe there has been some discussion of such functionality by the developers but, so far,
nothing has been coded ..
You might try the openvpn-users mailing list for more details.
then you are going to be disappointed ..
I believe there has been some discussion of such functionality by the developers but, so far,
nothing has been coded ..
You might try the openvpn-users mailing list for more details.
-
- OpenVPN Power User
- Posts: 72
- Joined: Wed Jul 22, 2020 7:46 pm
Re: is it possible to disconnect a user from the server?
Thank you. What a shame. I just dropped the list an email.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: is it possible to disconnect a user from the server?
If a client cannot connect due to an auth. failure then that works (or is meant to)
but not for disconnecting a client session.
There needs to be a comms. channel between the server and the client-GUI.
Well, something like that .. but there is nothing at present.
but not for disconnecting a client session.
There needs to be a comms. channel between the server and the client-GUI.
Well, something like that .. but there is nothing at present.