Hello All,
I want to know common name of connecting client dynamically so that i can create
file in ccd folder whenever client comes up.
How can determine this ? what i found is --client-connect script ? but how ?
Thanking YOu
tushar
howto determine common_name of connecting Client
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
tushar.sharma
- OpenVPN Power User
- Posts: 58
- Joined: Fri Oct 07, 2011 12:23 pm
- Location: Pune
- Contact:
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: howto determine common_name of connecting Client
there's no need to do this ; the client connect script can write out a config file on-the-fly (write to "$1") ; the common name of the client is available as '$common_name' inside the client-connect script.
-
tushar.sharma
- OpenVPN Power User
- Posts: 58
- Joined: Fri Oct 07, 2011 12:23 pm
- Location: Pune
- Contact:
Re: howto determine common_name of connecting Client
thanks JJK for reply,
okay so don't i need to create directory using --client-connect script dynamically ?
And then how can i add iroute subnet netmask dynamically for each client having different subnet .
I know there subnet in advance.
Thanking You
Tushar Sharma
okay so don't i need to create directory using --client-connect script dynamically ?
And then how can i add iroute subnet netmask dynamically for each client having different subnet .
I know there subnet in advance.
Thanking You
Tushar Sharma
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: howto determine common_name of connecting Client
the client connect script can write out vpn config statement which are interpreted by the openvpn server. Hence you would do something like
and if you want to push something to the client you'd use
(mind the quotes!)
Code: Select all
#!/bin/bash
echo "iroute <network> <netmask>" >> $1Code: Select all
#!/bin/bash
echo 'push "explicit-exit-notify 3"'-
tushar.sharma
- OpenVPN Power User
- Posts: 58
- Joined: Fri Oct 07, 2011 12:23 pm
- Location: Pune
- Contact:
Re: howto determine common_name of connecting Client
Dear JJK as we have talked on IRC, we must have mapping of common_name of client & its subnet in advance
but i have username & subnet mapping,, and i have done it using username-as-common-name.
So what i can conclude here is to have multiple machines on client side we " MUST MUST " have common-name & their subnet mapping
"Correct me if I am Wrong "
Thanking You
Tushar sharma
but i have username & subnet mapping,, and i have done it using username-as-common-name.
So what i can conclude here is to have multiple machines on client side we " MUST MUST " have common-name & their subnet mapping
"Correct me if I am Wrong "
Thanking You
Tushar sharma
-
janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: howto determine common_name of connecting Client
create a 'client-connect' script which dumps the env variables; see if you can create a unique match from the env vars (with 'username-as-common-name' the env var $common_name IS the username, if I remember correctly).
Once you know how to uniquely map a username onto an iroute you can then write out the appropriate 'iroute' statements.
Once you know how to uniquely map a username onto an iroute you can then write out the appropriate 'iroute' statements.
-
tushar.sharma
- OpenVPN Power User
- Posts: 58
- Joined: Fri Oct 07, 2011 12:23 pm
- Location: Pune
- Contact:
Re: howto determine common_name of connecting Client
okay, I have done it ,,i know common name or user name of connecting client in advance
so what i did is created entry in ccd directory before hand.
And i will try out your solution too..
Thanking You,
Tushar
so what i did is created entry in ccd directory before hand.
And i will try out your solution too..
Thanking You,
Tushar