Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
VPN Service Test for Monit [Solved]
« previous
next »
Print
Pages: [
1
]
Author
Topic: VPN Service Test for Monit [Solved] (Read 2625 times)
pankaj
Full Member
Posts: 117
Karma: 5
VPN Service Test for Monit [Solved]
«
on:
January 02, 2022, 08:03:01 pm »
Hi,
I am interested in using Monit to create an alert for me whenever a VPN user logs-in and logs-off. And I'm unable to lock on to any single trigger or info within OPNSense around which I can create a Setting Test for Monit. In the Dashboard, I have a OPNVPN tab which shows the IP address of VPN users when active but I cannot find this trigger or process within OPNSense.
If anyone has any pointers please point me in the right direction.
Thanks,
PS: My golden idea was to monitor the IP address sub-net assigned to VPN user but after few hours of log analysis I learned that VPN handles DHCP differently and nothing ever showed up in OPNSense DHCP leases
«
Last Edit: January 03, 2022, 11:36:31 pm by pankaj
»
Logged
pankaj
Full Member
Posts: 117
Karma: 5
Re: VPN Service Test for Monit
«
Reply #1 on:
January 02, 2022, 09:02:02 pm »
I read few threads online and on this forum and think that folks have done it two different ways, I do not quiet grasp the exact details of each option (need to research) but just wanted to get some feedback on pros and cons.
1. Using custom script in Monit: that will parse /var/log/openvpn.log for entries and extract information on users, time of log-on/log-off etc. This script will likely need to run periodically and can extract all information needed except for one minor glitch that it is way beyond my bash scripting skill but I will give it a try for fun
2. OpenVPN can execute a custom script when a user logs on (or logs off) and the bash script can send the notification (likely not need Monit) with simple information like "User-A logged-on/logged-off at <time>". I am reading OpenVPN documentation for it but if anyone knows where to place this custom script, please let me know.
Since this is a home LAN the use of VPN is minimal and either of the options would suffice as long as it works. If there are any pointers or omissions then please let me know.
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: VPN Service Test for Monit
«
Reply #2 on:
January 02, 2022, 09:43:36 pm »
Something like this:
https://docs.opnsense.org/manual/monit.html?highlight=monit#example-2
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
pankaj
Full Member
Posts: 117
Karma: 5
Re: VPN Service Test for Monit
«
Reply #3 on:
January 03, 2022, 12:20:00 am »
Quote from: mimugmail on January 02, 2022, 09:43:36 pm
Something like this:
https://docs.opnsense.org/manual/monit.html?highlight=monit#example-2
Thanks @mimugmail for the response.
Since I sporadically VPN into my home LAN from outside, this approach will likely create a barrage of alerts when VPN is down and actually not needed.
I found that OpenVPN creates a host of environment variable, see here -
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage#lbAS
.
And it might simpler to just write a bash script that:
1. If "ifconfig_remote" and "ifconfig_local" are not null
2. Then do something with Monit alert
3. Else do nothing
I've tried all possible ways to access these environment variables but to no avail.
Under OpenVPN Server there is a setting under advanced where I added "client-connect /root/connect.sh" and the script /root/connect.sh is actually executed when VPN user logged into the system. But the problem with this script is that I tried exporting OpenVPN variables out but it just doesn't work
Logged
pankaj
Full Member
Posts: 117
Karma: 5
Re: VPN Service Test for Monit
«
Reply #4 on:
January 03, 2022, 11:36:15 pm »
I've figured this out and have posted the details as a HOWTO just in case anyone is trying the same thing.
https://forum.opnsense.org/index.php?topic=26221.0
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
VPN Service Test for Monit [Solved]