Allow aliases to be used in OpenVPN local/remote/tunnel network fields
I put aliases in for each of the networks or related groups of networks around my intranet. These are handy to use in firewall rules allowing access across OpenVPN site-to-site links. But then I find myself typing the same IP address numbers in the local/remote/tunnel network fields of the OpenVPN client and server settings. This leaves room for human error when things change and need to be updated in multiple places.
It would be nice to be able to use Aliases from the Firewall Aliases (just the ones that list a network/s).
Note: an alias could be a whole list of networks, so the code would have to expand that into the appropriate list of "route" and "push route" entries to put in the OpenVPN config file. Also, when an alias is edited and saved, the code would also need to check if any OpenVPNs are using the alias, regenerate the appropriate OpenVPN config files and restart those OpenVPN server/clients.
This would also provide one way to get the effect of #1217 - Change OpenVPN local/remote networks to lists instead of single boxes. The user could make an alias for the list of networks, then just put the alias in the local/remote/tunnel network field.
Updated by robi robi almost 4 years ago
Requested on forums also: https://forum.pfsense.org/index.php?topic=137852.0
Updated by Justin Bauer 11 months ago
This is an incredibly important feature for anyone managing a large network. We only have 18 sites and the string for the list of subnets is quite long. Ideally we would be able to add subnets to a list with a description attached so they can be referenced by name or subnet.
Updated by Viktor Gurov 4 months ago
Updated by Jim Pingle 4 months ago
- Subject changed from Allow Alias network names in OpenVPN local/remote/tunnel networks to Allow aliases to be used in OpenVPN local/remote/tunnel network fields
- Status changed from New to Pull Request Review
- Target version changed from Future to 2.6.0