[SOLVED] Missing OpenVPN RADIUS Attr on "reconnection"

[fabio]

Hi All,

I've noticed that the RADIUS attributes are not pushed to the client if the server see the client connected

To reprocude the bethaviour
01- cliente connection
02- RADIUS auth reqeust
03- RADIUS reply with attributes
04- Framed-IP-Address and Framed-Route are assignes to the cliente
05- client disconnection / connection
07- RADIUS auth reqeust
08- RADIUS reply with attributes
09- Framed-IP-Address and Framed-Route are NOT assignes to the cliente

If you Kill client connection fom the GUI

11- cliente connection
12- RADIUS auth reqeust
13- RADIUS reply with attributes
14- Framed-IP-Address and Framed-Route are assignes to the cliente


At the moment as cliente I've only used "OpenVPN for Android"

Cheers,

[mimugmail]

This is an old version of the client which doesnt support disconnect. I had this too with OpenVPN 2.2

[fabio]

Just tryed the the last versione (2.4.6) of the community windows GUI and I see the same bethaviour.

In the server PUSH_REPLY logs are missing all the RADIUS attributes (if the client Common Name result already connected )

Do I need to set some specific server paramiters ?

Cheers,

[mimugmail]

Normally this works when client logs off. When you disconnect, wait for two mins, then the client is timed out and you can relogin

[fabio]

Some additional tests,

Now I've remove the RADIUS configuraiton so I've only "loacal database" and local "Client Specific Overrides"

... same results;

With a fast disconnect/reconnect the CSO file on the filesystem is not created


I've the feeling that is something related to the direcrive

Code Select Expand

client-disconnect and the

Code Select Expand

/usr/local/etc/inc/plugins.inc.d/openvpn/attributes.sh script:

commenting out  "/usr/local/etc/inc/plugins.inc.d/openvpn/ovpn_cleanup_cso.php $1" in that script
all works as aspected (at least by me) ... no idea of eventually side effects

Cheers,

[fabio]

Solved with patch cdb4b81

Thanks