summaryrefslogtreecommitdiffstats
path: root/usr/local/www/vpn_openvpn_server.php
Commit message (Collapse)AuthorAgeFilesLines
* Overhaul the user login system to use the Servers tab as its base.Ermal Luçi2010-03-031-6/+2
| | | | Fix quite a few problems down the way.
* Allow openvpn server to authenticate only based on username/password ↵Ermal Luçi2010-03-021-1/+12
| | | | credentials.
* Allow the GUI auth API to be used for doing authentication against ↵Ermal Luçi2010-03-021-4/+6
| | | | authentication servers specified. Teach Openvpn to use this API. Allow openvpn to authenticate against multiple servers that can be selected on the server configuration page.
* Add support for authenticating users against server specified in the ↵Ermal Luçi2010-02-241-1/+28
| | | | system->user manager->servers for openvpn. While there propperly fill the shared secret field for raidus in the servers page.
* Fix setting unsetting of disable option for OpenVPN.Ermal Luçi2010-02-161-3/+4
|
* fix typoChris Buechler2010-02-071-1/+1
|
* Ticket #296. Blacklist webConfigurator certificate from certificate list it ↵Ermal Luçi2010-02-031-0/+2
| | | | will break at least Viscosity export utility.
* fix typosChris Buechler2010-01-011-1/+1
|
* fix textChris Buechler2009-12-301-1/+1
|
* Add IP alias and 'any' support to OpenVPN. Feedback #69pierrepomes2009-12-101-2/+9
|
* Add carp support for OpenVPN. Ticket #69pierrepomes2009-12-021-0/+3
|
* Rework includes/require. This saves about 4 megabytes.Scott Ullrich2009-11-211-1/+0
| | | | Simplify get_memory(). Tested on mips/i386
* fix typoChris Buechler2009-11-081-1/+1
|
* Make sortableScott Ullrich2009-08-231-8/+3
|
* Remove openvpn.inc from functions.inc since its just a subsystem that does ↵Ermal Luçi2009-07-081-1/+2
| | | | not need to be present on all of the includes.
* Add double click to editScott Ullrich2009-07-011-4/+4
| | | | Requested-by: cmb
* Add note about ; and add a push exampleScott Ullrich2009-06-301-3/+3
|
* Break before SaveScott Ullrich2009-06-301-0/+2
|
* Oops, rename to avancedScott Ullrich2009-06-301-1/+1
|
* Rename to custom_options to match the original setting nameScott Ullrich2009-06-301-3/+3
|
* Adding back openvpn advanced option which got lost in the -> 2.0 upgrade shuffleScott Ullrich2009-06-301-0/+24
|
* Fix OpenVPN automatic shared key generation.jim-p2009-05-081-3/+4
|
* Fix detection of TLS/Shared Key mode for OpenVPNjim-p2009-05-081-1/+1
| | | | The wrong variable was being checked, so the result was always false.
* Apparent variable name typo, fixes Ticket #1904jim-p2009-04-191-1/+1
|
* Fix OpenVPN instance port change.jim-p2009-04-091-1/+2
| | | | It had been failing on any change, including valid unused choices.
* Cleanup ipsec interfaces a bit and make sure they are displayed in tabs for ↵mgrooms2009-03-121-1/+1
| | | | consistency.
* Use listbg as all other pages doScott Ullrich2008-10-121-1/+1
|
* Use get_configured_interface_with_descr() for OpenVPN gui pages. SuggestedMatthew Grooms2008-09-161-8/+6
| | | | by Ermal.
* Make it possible for pakages to insert additional tabbed pages into anMatthew Grooms2008-09-161-1/+2
| | | | | | | | existing tab group. This requires that each page in the tab group call add_package_tabs() with the tab group name before display_top_tabs() so pages can be inserted. While far from optimal, this system is really a stop-gap measure until a more intelligent menu/tab system can be implemented. Discussed with Scott on IRC.
* Modify the OpenVPN server configuration to allow the DH parameter lengthMatthew Grooms2008-09-091-4/+27
| | | | to be specified. Upgraded 1.2.x configurations will default to 1024 bits.
* Minor re-work of OpenVPN configuration. Use operational modes to determineMatthew Grooms2008-09-061-58/+206
| | | | | | | | | | | | | | | | | | | | what configuration options are appropriate. The operational mode dictates the authentication method. They are defines as follows ... Peer to Peer ( SSL/TLS ) Peer to Peer ( Shared Key ) Remote Access ( SSL/TLS ) Remote Access ( User Auth ) Remote Access ( SSL/TLS + User Auth ) Some of these modes allow for user authentication using passwords. We now use the etc/inc/openvpn.auth-user.php file to facilitate this by checking the username and password supplied by OpenVPN against our centralized user database. The Server and Client user interfaces have also been updated to support TLS packet authentication. This is an additional security option that is optional.
* Correct problems with OpenVPN that prevented the lzo compression and passMatthew Grooms2008-09-031-3/+4
| | | | tos options from being set correctly in configuration files.
* move CSS header to correct locationScott Ullrich2008-08-301-3/+3
|
* Add CSS headerScott Ullrich2008-08-301-0/+3
|
* Correctly validate required input fields for OpenVPN screens.Matthew Grooms2008-08-271-4/+7
|
* Correct some problems with the filter code where we were calling foreachMatthew Grooms2008-08-271-2/+2
| | | | | | | | | | | on data that wasn't necessarily a valid array. Modify the OpenVPN code to stop passing the array index around and then immediately obtaining a reference to the array entry. We already have a reference to the data, just pass it instead. Also add some check to make certain tap configuration steps more conditional. Make sure we remove configuration and pid files when they are no longer required. Fix a few other OpenVPN related bugs.
* Set some important default values for the new OpenVPN interface screens.Matthew Grooms2008-08-261-2/+16
| | | | | Add functions and interface code to handle local port conflict detection and resolution.
* Dump the per-configuration dh parameters data. It make no sense to keepMatthew Grooms2008-08-261-3/+2
| | | | | | | | | | this information in the configuration as its not specific to the server. It only contains the parameters ( a safe large prime number ) that is used during a DH key exchange. Instead, we now use a system wide dh file that is generated when the /var/etc/openvpn directory is setup. This shaves 10 to 30 seconds off of the server config creation process. Also correct a bug in the hack I added to work around carp related issues that prevented filter re-configuration from working properly.
* Rework most of the OpenVPN support. The interfaces have been updated toMatthew Grooms2008-08-261-0/+998
not use the pkg system and the configuration has been migrated to an openvpn prefix. The centralized user and certificate manager is now used to support the openvpn configurations. Most of the files removed in this commit were not being referenced. This commit also splits out the certificate management components into a new system menu item.
OpenPOWER on IntegriCloud