Project

General

Profile

Actions

Feature #11165

open

OpenVPN Exporter - Allow for name customization

Added by Gregory Guilmette 9 months ago. Updated 3 months ago.

Status:
New
Priority:
Very Low
Assignee:
-
Category:
OpenVPN Client Export
Target version:
-
Start date:
12/15/2020
Due date:
12/31/2020 (about 9 months late)
% Done:

0%

Estimated time:
4.00 h
Plus Target Version:

Description

The Exporter Module creates client configurations that show up in the client workstation with the Netgate/pfSense hostname and the TCP port number. This is abritrary when assigning many TCP targets on the same or multiple OpenVPN servers spread across a large network of Netgate devices.

My request is the ability to leave the default naming structure or select a box on the OpenVPN server to allow for a customized name to be inserted into the exported OpenVPN Client configuration.

Current state:
A list of installed clients on a computer shows the gateway name and TCP/UDP port.
gatewayBob-TCP4-20000-config
gatewayBob-TCP4-20010-config
gatewayBob-TCP4-20021-config
MFGGWCore-TCP4-1194-config
MFGGWCore-TCP4-3000-config

Desired state:
Allow an optional config name: <$variable> or default if not changed.
Result => config name injected into the OpenVPN config to display a meaningful description.
gatewayBob-TCP4-20000-config => CorpIT_Restricted
gatewayBob-TCP4-20010-config => CorpIT_SplitTunnel
gatewayBob-TCP4-20021-config => CorpXX_EmployeeAccess
MFGGWCore-TCP4-1194-config => CorpYY_ReadOnlyReporting
MFGGWCore-TCP4-3000-config => CorpYY_EmergencySupport

The pulldown on a computer with multiple OpenVPN configurations can be far more descriptive, but the Export from pfSense is not configurable at this time.

Alternatives used at this time include the download of an OpenVPN configuration and manually editing the .conf so it shows a different name when an end user installs it. This is not possible when installing the "all-in-one" OpenVPN client installer w/ config.

Actions #1

Updated by Jim Pingle 9 months ago

  • Priority changed from High to Very Low
  • Target version deleted (2.5.0)
Actions #2

Updated by Guillaume LUCAS 3 months ago

I vote for it.

IMO, the priority should be at least "normal" and the focus should be on the Windows installer because the arbitrary technical name (example: "pfsense-1-tcp-443") become the name that Windows users see all the time (tooltip "Connected at pfsense-1-TCP-443" at connection/disconnection, in menus of OpenVPN client, etc.), this name cannot be change before deployment and this name have no sense for non-computer end-users.

Actions

Also available in: Atom PDF