Establishing VPN connection from Windows Server

Scripts with setup, destroy, and modify routing tables and firewall rulesets for client connections.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
sandrok
OpenVpn Newbie
Posts: 1
Joined: Wed Apr 20, 2022 11:37 am

Establishing VPN connection from Windows Server

Post by sandrok » Wed Apr 20, 2022 1:03 pm

Hello!

I am administering a QlikView site (business intelligence software, running on Windows Server) and we have some data, that can only be accessed via an OpenVPN connection. The idea is, that the connection is established right before accessing the database and torn down right after being done. I have created a Powershell script, which essentially uses the openvpn-gui.exe to establish and close the connection and also monitors the log file to only return when the connection is establish to ensure the data loading doesn't commence prematurely. That script is then executed from the QlikView loadscript (ETL process) and it is thus the coordinating mechanism between establishing the VPN and accessing the DB.

It all works flawlessly when working with QlikView Desktop, which is executed via a normal windows user. The script basically runs in the same user session and the OpenVPN-GUI pops up etc.

When trying to execute via the ETL process on the server, the loading is done via a service, which runs under a Domain user account. The loading is actually done via another process, which is spawned for every load. When requesting the executing user from within the Powershell script, it even says that it is the System user. Not sure about the connection there. I have used the --config_dir and --log_dir switches to point to the right directories

The problem is, that the Powershell script is started, but no log file is ever created (nor is a VPN connections established, of course). It might simply not be possible to run GUI applications from within Windows Services. I have also looked at openvpn.exe, which I can control via commandline, but I am not sure what to do with it. The connection only seems to be established for that very terminal and doesn't return. There are options to hand over commands (--up, --down etc.), which could lead me to complicated solutions, which could orchestra the process. But I'd really like to avoid that.

What do you guys see, that I don't? Any way to get this to work as envisioned?

Thanks!

Sandro

Post Reply