Project

General

Profile

Actions

Feature #7353

closed

Openvpn Logins page

Added by ton wittenberg about 7 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
OpenVPN
Target version:
-
Start date:
03/06/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

Hello,

i would like to monitor per user when he/she connected/disconnected.

in Pfsense 2.1.5 we used the PPTP Logins page. (/diag_logs_vpn.php)

this would shows something like this:

Mar 2 14:17:19 [logout] test 1.1.1.1
Mar 2 14:14:20 [login] test 1.1.1.1
Feb 16 11:38:47 [logout] test 1.1.1.1
Feb 16 11:35:55 [login] test 1.1.1.1

so with a cron i pulled in this data and made a web UI so i could see the total time connected for eatch user and a log of when he/she connected/disconnected this worked perfect for us.

but for openvpn there is no logins log page. there is only the status_logs.php?logfile=openvpn page.

these Logs are pretty hard to proces since it shows data in this format.

Mar 6 09:49:59 openvpn 19520 1.1.1.1:40469 [test] Peer Connection Initiated with [AF_INET]1.1.1.1:40469
Mar 6 09:50:01 openvpn 19520 test/1.1.1.1 send_push_reply(): safe_cap=940
Mar 6 09:55:25 openvpn 19520 test/1.1.1.1:40469 [test] Inactivity timeout (--ping-restart), restarting.

Would it be possible to make an Openvpn logins page?

Or to make a pfsense package that just saves all connect/disconnect times/date And a totaltime connect per user?

is there a package maby for pfsense i could install to show me the connected/disconnect time and total time?

Thanks in advance

Actions #1

Updated by Jim Pingle about 7 years ago

  • Tracker changed from Todo to Feature
  • Priority changed from High to Normal
  • Target version set to Future
Actions #2

Updated by Jim Pingle over 4 years ago

  • Status changed from New to Closed
  • Target version deleted (Future)

On 2.5.0 there is a dedicated authentication log, which you could filter for OpenVPN and see most of what you are after.

Beyond that, if you want that level of detail what you should really be doing is using an external RADIUS server that keeps more detailed accounting records which can be used to generate reports however you like. A dedicated server off the firewall is more suited to long-term information retention of this nature.

Actions

Also available in: Atom PDF