"; } if($_GET['act']=="new"){ $pconfig['interface'] = "wan"; $pconfig['server_port'] = 1194; } if($_GET['act']=="edit"){ if (isset($id) && $a_client[$id]) { $pconfig['disable'] = $a_client[$id]['disable']; $pconfig['protocol'] = $a_client[$id]['protocol']; $pconfig['interface'] = $a_client[$id]['interface']; $pconfig['local_port'] = $a_client[$id]['local_port']; $pconfig['server_addr'] = $a_client[$id]['server_addr']; $pconfig['server_port'] = $a_client[$id]['server_port']; $pconfig['resolve_retry'] = $a_client[$id]['resolve_retry']; $pconfig['proxy_addr'] = $a_client[$id]['proxy_addr']; $pconfig['proxy_port'] = $a_client[$id]['proxy_port']; $pconfig['description'] = $a_client[$id]['description']; $pconfig['auth_method'] = $a_client[$id]['auth_method']; if ($pconfig['auth_method'] == "shared_key") $pconfig['shared_key'] = base64_decode($a_client[$id]['shared_key']); else { $pconfig['caref'] = $a_client[$id]['caref']; $pconfig['certref'] = $a_client[$id]['certref']; } $pconfig['crypto'] = $a_client[$id]['crypto']; $pconfig['tunnel_network'] = $a_client[$id]['tunnel_network']; $pconfig['remote_network'] = $a_client[$id]['remote_network']; $pconfig['compression'] = $a_client[$id]['compression']; $pconfig['settos'] = $a_client[$id]['settos']; } } if ($_POST) { unset($input_errors); $pconfig = $_POST; if (isset($id) && $a_client[$id]) $vpnid = $a_client[$id]['vpnid']; else $vpnid = 0; /* input validation */ if ($pconfig['local_port']) { if ($result = openvpn_validate_port($pconfig['local_port'], 'Local port')) $input_errors[] = $result; if (openvpn_port_used($pconfig['protocol'], $pconfig['local_port']) != $vpnid) $input_errors[] = "The specified 'Local port' is in use. Please select another value"; } if ($result = openvpn_validate_host($pconfig['server_addr'], 'Server host or address')) $input_errors[] = $result; if ($result = openvpn_validate_port($pconfig['server_port'], 'Server port')) $input_errors[] = $result; if ($pconfig['proxy_addr']) { if ($result = openvpn_validate_host($pconfig['proxy_addr'], 'Proxy host or address')) $input_errors[] = $result; if ($result = openvpn_validate_port($pconfig['proxy_port'], 'Proxy port')) $input_errors[] = $result; } if ($result = openvpn_validate_cidr($pconfig['tunnel_network'], 'Tunnel network')) $input_errors[] = $result; if ($result = openvpn_validate_cidr($pconfig['remote_network'], 'Remote network')) $input_errors[] = $result; if ($pconfig['auth_method'] == 'shared_key') if (!strstr($pconfig['shared_key'], "-----BEGIN OpenVPN Static key V1-----") || !strstr($pconfig['shared_key'], "-----END OpenVPN Static key V1-----")) $input_errors[] = "The field 'Shared Key' does not appear to be valid"; if ($pconfig['auth_method'] == 'shared_key') { $reqdfields = array('shared_key'); $reqdfieldsn = array('Shared key'); } else { $reqdfields = explode(" ", "caref certref"); $reqdfieldsn = explode(",", "Certificate Authority,Certificate");; } $reqdfields[] = 'tunnel_network'; $reqdfieldsn[] = 'Tunnel network'; do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); if (!$input_errors) { $client = array(); if ($vpnid) $client['vpnid'] = $vpnid; else $client['vpnid'] = openvpn_vpnid_next(); $client['disable'] = $pconfig['disable']; $client['protocol'] = $pconfig['protocol']; $client['interface'] = $pconfig['interface']; $client['local_port'] = $pconfig['local_port']; $client['server_addr'] = $pconfig['server_addr']; $client['server_port'] = $pconfig['server_port']; $client['resolve_retry'] = $pconfig['resolve_retry']; $client['proxy_addr'] = $pconfig['proxy_addr']; $client['proxy_port'] = $pconfig['proxy_port']; $client['description'] = $pconfig['description']; $client['auth_method'] = $pconfig['auth_method']; if ($client['auth_method'] == "shared_key") $client['shared_key'] = base64_encode($pconfig['shared_key']); else { $client['caref'] = $pconfig['caref']; $client['certref'] = $pconfig['certref']; } $client['crypto'] = $pconfig['crypto']; $client['tunnel_network'] = $pconfig['tunnel_network']; $client['remote_network'] = $pconfig['remote_network']; $client['compression'] = $pconfig['compression']; if (isset($id) && $a_client[$id]) $a_client[$id] = $client; else $a_client[] = $client; openvpn_resync('client', $client); write_config(); header("Location: vpn_openvpn_client.php"); exit; } } include("head.inc"); ?> ">

Disabled

/>	Disable this client

Set this option to disable this client without removing it from the list.

Interface

Set this option if you would like to bind to a specific port.

Server host name resolution

>	Infinitely resolve server

Continuously attempt to resolve the server host name. Useful when communicating with a server that is not permanently connected to the internet.

Description

You may enter a description here for your reference (not parsed).

Cryptographic Settings

Authentication Method

Certificate Authority

Certificate

Shared Key

Paste your shared key here.

Encryption algorithm

Tunnel Settings

Tunnel Network

This is the virtual network used for private communications between this client and the server expressed using CIDR (eg. 10.0.8.0/24). The first network address is assumed to be the server address and the second network address will be assigned to the client virtual interface.

Remote Network

This is a network that will be routed through the tunnel, so that a site-to-site VPN can be established without manually changing the routing tables. Expressed as a CIDR range. If this is a site-to-site VPN, enter here the remote LAN here. You may leave this blank to only communicate with other clients.

Maximum outgoing bandwidth for this tunnel. Leave empty for no limit. The input value has to be something between 100 bytes/sec and 100 Mbytes/sec (entered as bytes per second).

Compression

>	Compress tunnel packets using the LZO algorithm.

Type-of-Service

>	Set the TOS IP header value of tunnel packets to match the encapsulated packet value.

Disabled	Protocol	Server	Description