How to view connected users to open vpn server?

There should be a status log you can look at to show you, mine is, for examle:

cat /etc/openvpn/openvpn-status.log

EDIT:

As an alternative, adding the flag --management IP port [pw-file] or adding that same directive to your server.conf, for example:

management localhost 7505

This would allow you to telnet to that port and offer you a list of commands to run:

telnet localhost 7505

help


To complete @sekrett answer :

killall -USR2 openvpn ; tail -f /var/log/syslog

It will keep running, it's not a "regular" kill, just a request to print some stats.

Displayed statistics are very readable. Sample output :

Oct 14 07:34:14 vpn2 openvpn[20959]: Updated,Fri Oct 14 07:34:14 2016
Oct 14 07:34:14 vpn2 openvpn[20959]: Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
Oct 14 07:26:26 vpn2 openvpn[20959]:
10.8.0.132,hostname1,213.219.XXX.XXX:63765,Fri Oct 14 07:25:01 2016
Oct 14 07:26:26 vpn2 openvpn[20959]:
10.8.0.242,hostname2,213.219.XXX.XXX:62416,Sun Sep 25 03:49:19 2016

I got the same need myself and the easiest solution I found out was to use as mentioned telnet to connect to the management interface(you'll have to add :management localhost 6666, in the server config file) .

To get the exact number of client you can do :

  • telnet localhost 6666
  • status

Then you'll get lot of logs :

10.9.10.11,test-docker,52.58.48.98:56859,Wed May  4 09:37:34 2016
10.9.7.45,test-docker,52.58.156.80:38774,Wed May  4 09:36:59 2016
10.9.1.103,test-docker,52.58.161.230:52201,Wed May  4 09:35:47 2016
GLOBAL STATS
Max bcast/mcast queue length,0
END
>CLIENT:ESTABLISHED,19845
>CLIENT:ENV,n_clients=19361
>CLIENT:ENV,time_unix=1462357164
  • look for => >CLIENT:ENV,n_clients=19361

In my case since I have a very large number of client, using the log file is definitely not very practical.


I manage our companys OpenVPN servers and the way I see active connections is like this,

add to /etc/openvpn/server.conf

management 127.0.0.1 5555

restart openvpn server

systemctl restart [email protected]

add an OpenVPN Monitor Python package - this will run via a Gunicorn web server and show active connections,

mkdir /opt/openvpn-monitor

create a virtual env (not required but good practice with py packages)

cd /opt/openvpn-monitor
virtualenv venv
source venv/bin/activate

install required packages

pip install openvpn-monitor gunicorn

add a Monitor config file

vi /opt/openvpn-monitor/openvpn-monitor.conf

[openvpn-monitor]
site=your-openvpn-site
#logo=logo.jpg
#latitude=40.72
#longitude=-74
maps=True
geoip_data=/var/lib/GeoIP/GeoLite2-City.mmdb
datetime_format=%d/%m/%Y %H:%M:%S

[VPN1]
host=localhost
port=
name=Your VPN Server Name
show_disconnect=False

start the web server that will show active connections,

gunicorn openvpn-monitor -b 0.0.0.0:80 --name openvpn-monitor --daemon

To stop monitor

pkill gunicorn 

to see active connections, go to the public IP of your VPN server

http://<ip of openvpn server>

make sure to configure proper firewall for port 80, whitelist only trusted inbound IPs

enter image description here


You can also send usr2 signal to openvpn process to make it write statistic information to syslog. This is safe, you don't need to reboot in case you did not enable management interface before.