Support aliases in OpenVPN local/remote/tunnel network fields
I put aliases in for each of the networks or related groups of networks around my intranet. These are handy to use in firewall rules allowing access across OpenVPN site-to-site links. But then I find myself typing the same IP address numbers in the local/remote/tunnel network fields of the OpenVPN client and server settings. This leaves room for human error when things change and need to be updated in multiple places.
It would be nice to be able to use Aliases from the Firewall Aliases (just the ones that list a network/s).
Note: an alias could be a whole list of networks, so the code would have to expand that into the appropriate list of "route" and "push route" entries to put in the OpenVPN config file. Also, when an alias is edited and saved, the code would also need to check if any OpenVPNs are using the alias, regenerate the appropriate OpenVPN config files and restart those OpenVPN server/clients.
This would also provide one way to get the effect of #1217 - Change OpenVPN local/remote networks to lists instead of single boxes. The user could make an alias for the list of networks, then just put the alias in the local/remote/tunnel network field.
Updated by robi robi over 4 years ago
Requested on forums also: https://forum.pfsense.org/index.php?topic=137852.0
Updated by Justin Bauer over 1 year ago
This is an incredibly important feature for anyone managing a large network. We only have 18 sites and the string for the list of subnets is quite long. Ideally we would be able to add subnets to a list with a description attached so they can be referenced by name or subnet.
Updated by Viktor Gurov 10 months ago
Updated by Jim Pingle 10 months ago
- Subject changed from Allow Alias network names in OpenVPN local/remote/tunnel networks to Allow aliases to be used in OpenVPN local/remote/tunnel network fields
- Status changed from New to Pull Request Review
- Target version changed from Future to 2.6.0
Updated by Steve Wheeler 5 months ago
- Status changed from Pull Request Review to Feedback
The updated patch looks good now.
Aliases work as expected. Servers are restarted as expected with warnings to the user.
2.6.0-DEVELOPMENT (amd64) built on Fri Aug 20 01:08:52 EDT 2021 FreeBSD 12.2-STABLE
Updated by Viktor Gurov 5 months ago
Updated by Viktor Gurov 4 months ago
PHP error on firewall_aliases_edit.php page if OpenVPN server description field is empty
PHP Errors: [15-Sep-2021 09:12:19 Europe/Moscow] PHP Warning: implode(): Invalid arguments passed in /usr/local/pfSense/include/www/alias-utils.inc on line 141