Enhancement #2635

Public IP text field for OpenVPN

Added by Davide Principi over 7 years ago. Updated over 5 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-openvpn
Target version:v6.7
Resolution: NEEDINFO:No

Description

We have some scenarios where the OpenVPN client can't find the server by searching for its host name:
  • the hostname is not in DNS
  • the server is behind a transparent proxy
  • ...

For this cases we should add a text field in the OpenVPN roadwarrior UI form that overrides the host name when creating .ovpn configuration files for the clients.


Related issues

Related to NethServer 6 - Bug #2624: OpenVPN Downloaded client configuration contains a bad di... CLOSED

Associated revisions

Revision 91d72935
Added by Giacomo Sanchietti over 5 years ago

Client config generation: add Remote option. Refs #2635

Revision ff920710
Added by Giacomo Sanchietti over 5 years ago

Web UI: add Remote property. Refs #2635

Revision 7946c591
Added by Davide Principi over 5 years ago

Online help file for "Contact this server on public IP / host" field. Refs #2635

Revision 89e58280
Added by Davide Principi over 5 years ago

Online help for OpenVPN roadwarrior [italiano]. Refs #2635

History

#1 Updated by Giacomo Sanchietti over 7 years ago

  • Target version set to ~FUTURE

#2 Updated by Davide Marini almost 6 years ago

I have done this modification to the script to support this feature, by simply defining a prop per openvpn.
I already tested it and it's working: if the prop is defined the client will receive the defined remote, if not it will receive the hostname as usual.

This is the little modification:

[root@ts ~]# diff -u /usr/libexec/nethserver/openvpn-local-client.ori /usr/libexec/nethserver/openvpn-local-client
--- /usr/libexec/nethserver/openvpn-local-client.ori    2015-08-27 18:01:52.000000000 +0200
+++ /usr/libexec/nethserver/openvpn-local-client    2015-10-21 15:00:03.922377340 +0200
@@ -31,7 +31,11 @@
 }

 $OUT .= "client\n";
-$OUT .= "remote $SystemName.$DomainName\n";
+if ($openvpn->prop('Remote')) {
+    $OUT .= "remote ".$openvpn->prop('Remote')."\n";
+}else{
+    $OUT .= "remote $SystemName.$DomainName\n";
+}
 $OUT .= "port ".$openvpn->prop('UDPPort')."\n";
 $OUT .= "float\n";

now if you want to forse a specific remote just declare it as a standard prop:

config setprop openvpn Remote IP_ADDRESS_PUBLIC_NAME

#3 Updated by Filippo Carletti almost 6 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20

#4 Updated by Giacomo Sanchietti over 5 years ago

  • Target version changed from ~FUTURE to v6.7

#5 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#6 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#7 Updated by Giacomo Sanchietti over 5 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-openvpn-1.2.4-1.2.gff92071.ns6.noarch.rpm
Test case 1
  • Create a VPN account
  • Enable the roadwarrior server
  • Leave Remote field empty
  • Download the configuration file
  • The "remote" field should contain the server FQDN
Test case 2
  • From test case 2
  • Set a list of an IP and a hostname inside the Remote field
  • Download the configuration file
  • The "remote" field should contain all specified hostnames and IPs

#8 Updated by Davide Principi over 5 years ago

  • Assignee set to Davide Principi

#9 Updated by Davide Principi over 5 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 70 to 90

#10 Updated by Davide Principi over 5 years ago

System and Package Version installed

Package Installed: nethserver-openvpn-1.2.4-1.2.gff92071.ns6.noarch
Other Package installed: nethserver-vpn-1.1.7-1.ns6.noarch.rpm

Test Original Problem
New UI field "Contact this server on public IP / host" under VPN > OpenVPN tab

Install Updated Package

yum --enablerepo=nethserver-testing install nethserver-openvpn-1.2.4-1.2.gff92071.ns6.noarch

Test Results after update
The downloaded OpenVPN client configuration contains the expanded list of "Contact this server on public IP / host". Tested with IP, host name single multiple and empty.

Verified Or Reopen
VERIFIED

Note
Fixed UI label and added online help

#11 Updated by Davide Principi over 5 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates

nethserver-openvpn-1.3.0-1.ns6.noarch.rpm
  • Fri Nov 20 2015 Davide Principi - 1.3.0-1
    - Public IP text field for OpenVPN - Enhancement #2635 [NethServer]

Also available in: Atom PDF