Feature #2668
closedSupport aliases in OpenVPN local/remote/tunnel network fields
100%
Description
I put aliases in for each of the networks or related groups of networks around my intranet. These are handy to use in firewall rules allowing access across OpenVPN site-to-site links. But then I find myself typing the same IP address numbers in the local/remote/tunnel network fields of the OpenVPN client and server settings. This leaves room for human error when things change and need to be updated in multiple places.
It would be nice to be able to use Aliases from the Firewall Aliases (just the ones that list a network/s).
Note: an alias could be a whole list of networks, so the code would have to expand that into the appropriate list of "route" and "push route" entries to put in the OpenVPN config file. Also, when an alias is edited and saved, the code would also need to check if any OpenVPNs are using the alias, regenerate the appropriate OpenVPN config files and restart those OpenVPN server/clients.
This would also provide one way to get the effect of #1217 - Change OpenVPN local/remote networks to lists instead of single boxes. The user could make an alias for the list of networks, then just put the alias in the local/remote/tunnel network field.
Updated by robi robi about 7 years ago
Requested on forums also: https://forum.pfsense.org/index.php?topic=137852.0
Updated by Justin Bauer over 4 years ago
This is an incredibly important feature for anyone managing a large network. We only have 18 sites and the string for the list of subnets is quite long. Ideally we would be able to add subnets to a list with a description attached so they can be referenced by name or subnet.
Updated by Viktor Gurov over 3 years ago
Updated by Jim Pingle over 3 years ago
- Subject changed from Allow Alias network names in OpenVPN local/remote/tunnel networks to Allow aliases to be used in OpenVPN local/remote/tunnel network fields
- Status changed from New to Pull Request Review
- Target version changed from Future to 2.6.0
Updated by Steve Wheeler over 3 years ago
- Status changed from Pull Request Review to Feedback
The updated patch looks good now.
Aliases work as expected. Servers are restarted as expected with warnings to the user.
Tested against:
2.6.0-DEVELOPMENT (amd64) built on Fri Aug 20 01:08:52 EDT 2021 FreeBSD 12.2-STABLE
Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to Pull Request Review
Not merged yet
Updated by Viktor Gurov over 3 years ago
- Status changed from Pull Request Review to Feedback
- % Done changed from 0 to 100
Applied in changeset 4b8d710c06b2cea101a3751e8e5d7fd3e657532d.
Updated by Renato Botelho over 3 years ago
- Assignee set to Viktor Gurov
- Plus Target Version set to 21.09
Updated by Viktor Gurov over 3 years ago
Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to Pull Request Review
Updated by Jim Pingle over 3 years ago
- Status changed from Pull Request Review to Feedback
PR was already merged.
Updated by Jim Pingle over 3 years ago
- Subject changed from Allow aliases to be used in OpenVPN local/remote/tunnel network fields to Support aliases in OpenVPN local/remote/tunnel network fields
Updating subject for release notes.
Updated by Viktor Gurov over 3 years ago
PHP error on firewall_aliases_edit.php page if OpenVPN server description field is empty
PHP Errors: [15-Sep-2021 09:12:19 Europe/Moscow] PHP Warning: implode(): Invalid arguments passed in /usr/local/pfSense/include/www/alias-utils.inc on line 141
fix:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/391
Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to Pull Request Review
Updated by Jim Pingle over 3 years ago
- Status changed from Feedback to Waiting on Merge
Needs picked back to the plus-RELENG_21_09
branch after additional approval.
Updated by Jim Pingle over 3 years ago
- Status changed from Waiting on Merge to Feedback
Picked back to plus-RELENG_21_09
.
Updated by Jim Pingle about 3 years ago
- Plus Target Version changed from 21.09 to 22.01
Updated by Christopher Cope almost 3 years ago
Behaving as expected on
22.01-RC (amd64) built on Mon Jan 24 18:47:55 UTC 2022 FreeBSD 12.3-STABLE
Updated by Viktor Gurov almost 3 years ago
- Status changed from Feedback to Resolved