OpenVPN AS add user/group

rolands · 7. Juli 2016

Hello,

I have OpenVPN AS installed through the plugin from the OMV Extra repository and use the default openvpn account to connect a client. Now i want to add users. How can this be done on OMV? Do i need to add the user first to OMV through user management and then add it to a openvpn group? Or do i need to do this first from OpenVPN AS admin interface? And what about a group?

I cannot seem to get a user added an match it somehow with a group in the admin interface, how can this be done?

Thanks,
Roland

tekkb · 7. Juli 2016

You just need to add the user in the Web GUI of OMV.

rolands · 8. Juli 2016

Thanks for the reply. I did try to add a user to the OMV users and i am able to logon with this user to https://myserver:943, however at https://myserver:943/admin the new user isn't displayed at users. I did try to restart the openvpnas service, without success. I also added the user to the openvpn group from the OMV user page and then restarted the openvpnas service again, without success.

I noticed that the authentication method PAM is used and not local, could this be the issue? If this needs to be changed to local, can i just go ahead and change this?

Thanks,
Roland

tekkb · 8. Juli 2016

The user will not be displayed. It you want to only allow certain users with the vpn you need to put a check in "Require user permissions Record..."
Then you can add the user you want to allow in the Admin UI "User Permissions" section and assign permisssions.

I use PAM and don't see a problem using it. The users do not have to be added to the openvpn group.

rolands · 8. Juli 2016

I want to config some specific settings for one user in the openvpnas user/group config. I need some influence on routing when connected from a specific network and this should be working with the Access Control turned on in the group settings and specifying some networks.

tekkb · 8. Juli 2016

This is why I like the OpenVPN AS plugin better than the community plugin. You have a hell of a lot more configuration options in the Admin UI.

rolands · 8. Juli 2016

Currently i use the OpenVPN AS plugin, do i need to switch to the openvpn plugin?

tekkb · 8. Juli 2016

No, unless you want more than 2 users from the group to be able to connect at the same time... but explain more what you are trying to do. Do you want one user to have access to a subnet that the others in the group do not have access to???

rolands · 8. Juli 2016

Yes. I want one user to route all trafic to the tunnel (including internet access) and another i want to allow access to a local subnet, e.g. traffic to 172.16.0.0/16, traffic to this network need to stay locally at the vpn client network.

tekkb · 8. Juli 2016

I am not sure if you can vary this setting for different clients... I would ask on the OpenVPN forums. The only difference being tunneling all internet traffic, yes?

https://forums.openvpn.net/

rolands · 11. Juli 2016

Yes, correct. I will check with the openvpn forums. Thanks.

Jetzt mitmachen!