Feature #3169
OpenVPN fixed ip support via standard db prop
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-openvpn | |||
Target version: | v6.6 | |||
Resolution: | NEEDINFO: | No |
Description
Openvpn supports binding of a specific account to a specific ip address, there is already a file named host-to-net.pool for the standard roadwarrior.
It would be useful to set this property with standard db commands, there is already a canvas in the template:
/etc/e-smith/templates/etc/openvpn/host-to-net.pool/50accounts
now it works only with the user "admin", it needs only to be adjusted to make it work properly with all users.
Associated revisions
host-to-net.pool: implement IP reservation. Refs #3169
History
#1 Updated by Giacomo Sanchietti about 6 years ago
- Category set to nethserver-openvpn
- Status changed from NEW to TRIAGED
- Target version set to v6.6
- % Done changed from 0 to 20
#2 Updated by Giacomo Sanchietti about 6 years ago
- Status changed from TRIAGED to ON_DEV
- Assignee set to Giacomo Sanchietti
- % Done changed from 20 to 30
#3 Updated by Giacomo Sanchietti about 6 years ago
- Status changed from ON_DEV to MODIFIED
- % Done changed from 30 to 60
#4 Updated by Giacomo Sanchietti about 6 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
Giacomo Sanchietti) - % Done changed from 60 to 70
Package in nethserver-testing:
- nethserver-openvpn-1.2.0-1.9.g67765e0.ns6.noarch.rpm
- Create a system user
- Create a VPN account for the system user
- Reserver an ip for it:
db accounts setprop myuser OpenVpnIp 10.0.0.1 signal-event nethserver-openvpn-save
- Verify the reservation is present inside the
/etc/openvpn/host-to-net.pool
file
- Create a VPN-only account
- Reserver an ip for it:
db accounts setprop myvpnaccount OpenVpnIp 10.0.0.1 signal-event nethserver-openvpn-save
- Verify the reservation is present inside the
/etc/openvpn/host-to-net.pool
file
#5 Updated by Davide Marini about 6 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
Accounts configuration:
[root@test ~]# db accounts show . . . onlyvpn=vpn OpenVpnIp=10.9.9.10 VPNRemoteNetmask= VPNRemoteNetwork= systemuser=user City= Company= Department= FirstName=systemuser LastName=systemuser OpenVpnIp=10.9.9.6 PhoneNumber= . . .
host-to-net.pool after the nethserver-openvpn-save event:
[root@test ~]# cat /etc/openvpn/host-to-net.pool # ================= DO NOT MODIFY THIS FILE ================= # # Manual changes will be lost when this file is regenerated. # # Please read the developer's guide, which is available # at https://dev.nethesis.it/projects/nethserver/wiki/NethServer # original work from http://www.contribs.org/development/ # # Copyright (C) 2013 Nethesis S.r.l. # http://www.nethesis.it - support@nethesis.it # onlyvpn,10.9.9.10 systemuser,10.9.9.6
#6 Updated by Giacomo Sanchietti about 6 years ago
- Status changed from VERIFIED to CLOSED
- % Done changed from 90 to 100
Released in nethserver-updates:
- nethserver-openvpn-1.2.1-1.ns6.noarch.rpm