Example command I would use to replace the registered MAC:
# ./sacli -u "exampleuser" -k "pvt_hw_addr" -v "00:01:02
cd:12" UserPropPutOpenVPN MAC filtering - adding multiple MACs with post_auth script
-
stevev
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Aug 22, 2019 9:09 am
OpenVPN MAC filtering - adding multiple MACs with post_auth script
I was following this https://docs.openvpn.net/wp-content/upl ... ecking.pdf document, and I've managed to enable the MAC filtering feature. How do I add multiple MACs for a single user to the database?
Example command I would use to replace the registered MAC:
# ./sacli -u "exampleuser" -k "pvt_hw_addr" -v "00:01:02cd:12" UserPropPut
Example command I would use to replace the registered MAC:
# ./sacli -u "exampleuser" -k "pvt_hw_addr" -v "00:01:02
cd:12" UserPropPut-
novaflash
- OpenVPN Inc.
- Posts: 1064
- Joined: Fri Apr 13, 2012 8:43 pm
Re: OpenVPN MAC filtering - adding multiple MACs with post_auth script
A customer of ours requested this on our support ticket system too. By default we do not do custom post_auth development as this would lead us into a situation where everyone would ask us to code the strangest things for them (we have had some pretty weird requests). But we reviewed this particular request and implemented a means to allow 1 additional MAC address per account, although that second address has to be added manually by the server administrator. That is to avoid a security issue with automatic registration of MAC/UUID addresses on new accounts.
See https://openvpn.net/vpn-server-resource ... -checking/ for updated instructions and updated post_auth script with support for 1 additional parameter. The page contains an example on how to add a secondary MAC/UUID address.
See https://openvpn.net/vpn-server-resource ... -checking/ for updated instructions and updated post_auth script with support for 1 additional parameter. The page contains an example on how to add a secondary MAC/UUID address.