[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] named clients?

  • Subject: Re: [Openvpn-users] named clients?
  • From: Markus Feilner <lists@xxxxxxxxxxxxxx>
  • Date: Wed, 24 Oct 2007 16:50:47 +0200

On Tuesday 23 October 2007 15:26:18 Erich Titl wrote:
> Yan Seiner wrote:
> > I have a setup where a large number (large for me, anyway) of clients
> > connect to my server.
> >
> > The connections are always point-to-point, single host, so I don't add
> > any routing info for subnets.
> >
> > My problem is that the connections don't show up in any of the "normal"
> > places - ifconfig only shows one tun0 interface.  route also only shows
> > the subnet routed out tun0.
> >
> > How do I know who is connected?
> >
> > The only way I've found is to look up /var/run/openvpn/log, but that's
> > hardly ideal.
> >
> > Ideally I'd like to have openvpn update bind so I can address my clients
> > by name rather than IP...
> You can use a client-connect script on the server or inspect the status
> log file.
> cheers
> Erich
HI Yan,

One interesting feature is the status.log file (see the manpage), which is 
being used by some simple sample skripts for openvpn monitoring with nagios 
or cacti. By doing so, you have a module in your monitoring software that 
shows (always updated) the currently connected clients. I have used such a 
setup some years ago, and it worked fine.
These modules (as far as I remember) make use of the client-connect scripting 

The other thing you mentioned is bind integration. I don't see the worth of 
having bind updated automatically. I had (see an older mail in this list from 
me) a setup running, where the virtual net had a bind dns zone of its own, 
and every openvpn vlient had (due to its certificate) an defined IP and a 
hostname in the DNS.
If the client is connected, traffic flows. If not, pinging either IP or 
hostname will fail, so what's the advantage of automatic DNS-updates?

I hope that helped...

Best Regards - Mit freundlichen Gruessen
Markus Feilner
OpenVPN mailing lists