Author Topic: OpenVPN listen on both TCP and UDP port, but "Connection status and control" ...  (Read 13600 times)
bautzen
« on: Wednesday 02 May 2012, 08:55:50 pm »

Hi to all, I own an EFW 2.5.1 for my small business and I have patched the OpenVPN configuration a little bit to accept inbound connections on both TCP (1194) and UDP (1194). One OpenVPN process for each protocol.
My clients connect to my firewall using X.509 certificates and can choose between TCP (more secure but a little bit slow) or UDP (less secure but 3 times faster).

My problem is that via WEB under "Connection status and control" I can only see TCP Clients but none connected in UDP (second child process).
Vice versa if I change via WEB the OpenVPN server from TCP to UDP protocol (and obviously I have to change the second OpenVPN service from UDP to TCP!!!), under  "Connection status and control" I see UDP clients but none connected in TCP (second child process).

In other words, "Connection status and control" shows me the connected clients for the protocol set under the "Advanced" tab, ignoring the other child process for the opposite protocol.

I know that EFW and the management cgi files are not designed for 2 OpenVPN processes, but could it be possible to implement a patch for this?

Some more info:
openvpn.conf ------> generated by WEB and template
openvpn_1.conf ---> generated by me

root@firewall:~ # netstat -anp | grep 1194
tcp        0      0 0.0.0.0:1194                0.0.0.0:*                   LISTEN      17563/openvpn
udp        0      0 0.0.0.0:1194                0.0.0.0:*                               17576/openvpn

root@firewall:~ # ps aux | grep openvpn
root     12728  0.0  0.0   1708   488 pts/0    S+   12:52   0:00 grep openvpn
openvpn  17563  0.0  0.5   4732  2596 ?        Ss   Apr11   9:17 /usr/sbin/openvpn --config /etc/openvpn/openvpn.conf
openvpn  17576  0.0  0.4   4496  2356 ?        Ss   Apr11   1:52 /usr/sbin/openvpn --config /etc/openvpn/openvpn_1.conf --writepid /var/run/openvpn/openvpn_1.pid

Could someone help me?

Thank you

Pat
bautzen
« Reply #1 on: Wednesday 02 May 2012, 10:39:32 pm »

The WEB page is named: /home/httpd/cgi-bin/openvpn_server.cgi

In that file there are several occurrences of $protocol that point to $conffile = "${swroot}/openvpn/settings" (which refers to TCP!)

Maybe it's something related to this?


But I know nothing about PHP, programming and similar stuff

Could someone help me?

Thank you
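
One way to get a combined client list without modifying openvpn_server.cgi, as an added example (not EFW's code and not from the posts above): it assumes each of the two daemons writes its own file through OpenVPN's `status` directive in the default version 1 layout. The sample file contents and the function names are constructed for illustration.

```python
import csv, io

# Constructed samples in OpenVPN's "status-version 1" layout, one per daemon.
TCP_STATUS = """\
OpenVPN CLIENT LIST
Updated,Wed May  2 20:50:01 2012
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
alice,198.51.100.7:49812,48211,90321,Wed May  2 19:02:11 2012
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.6,alice,198.51.100.7:49812,Wed May  2 20:49:58 2012
GLOBAL STATS
Max bcast/mcast queue length,0
END
"""
UDP_STATUS = """\
OpenVPN CLIENT LIST
Updated,Wed May  2 20:50:03 2012
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
bob,203.0.113.20:1194,1520,2210,Wed May  2 20:31:40 2012
carol,203.0.113.45:53100,99120,120044,Wed May  2 18:15:02 2012
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.9.0.10,carol,203.0.113.45:53100,Wed May  2 20:50:00 2012
GLOBAL STATS
Max bcast/mcast queue length,0
END
"""

def parse_clients(text, proto):
    """Return one dict per connected client in a status-version 1 file."""
    clients, section = {}, None
    for row in csv.reader(io.StringIO(text)):
        if len(row) == 1:  # section marker line (CLIENT LIST, ROUTING TABLE, ...)
            section = row[0]
        elif section == "OpenVPN CLIENT LIST" and len(row) == 5 and row[0] != "Common Name":
            clients[(row[0], row[1])] = {"proto": proto, "cn": row[0], "real": row[1],
                "rx": int(row[2]), "tx": int(row[3]), "since": row[4], "virtual": None}
        elif section == "ROUTING TABLE" and len(row) == 4 and (row[1], row[2]) in clients:
            clients[(row[1], row[2])]["virtual"] = row[0]  # header row never matches a client
    return list(clients.values())

def merged_view(sources):
    """sources: iterable of (proto, status_text); returns all clients sorted by name."""
    out = [c for proto, text in sources for c in parse_clients(text, proto)]
    return sorted(out, key=lambda c: (c["cn"], c["proto"]))

if __name__ == "__main__":
    for c in merged_view([("tcp", TCP_STATUS), ("udp", UDP_STATUS)]):
        print(f'{c["proto"]:4} {c["cn"]:8} {c["real"]:22} {c["virtual"] or "-":12} {c["since"]}')
```

The two daemons must point at different status files; if both write to the same path, each overwrites the other's client list.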