How to view connected users to open vpn server?
There should be a status log you can look at to show you, mine is, for examle:
cat /etc/openvpn/openvpn-status.log
EDIT:
As an alternative, adding the flag --management IP port [pw-file] or adding that same directive to your server.conf, for example:
management localhost 7505
This would allow you to telnet to that port and offer you a list of commands to run:
telnet localhost 7505
help
To complete @sekrett answer :
killall -USR2 openvpn ; tail -f /var/log/syslog
It will keep running, it's not a "regular" kill, just a request to print some stats.
Displayed statistics are very readable. Sample output :
Oct 14 07:34:14 vpn2 openvpn[20959]: Updated,Fri Oct 14 07:34:14 2016
Oct 14 07:34:14 vpn2 openvpn[20959]: Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
Oct 14 07:26:26 vpn2 openvpn[20959]:
10.8.0.132,hostname1,213.219.XXX.XXX:63765,Fri Oct 14 07:25:01 2016
Oct 14 07:26:26 vpn2 openvpn[20959]:
10.8.0.242,hostname2,213.219.XXX.XXX:62416,Sun Sep 25 03:49:19 2016
I got the same need myself and the easiest solution I found out was to use as mentioned telnet to connect to the management interface(you'll have to add :management localhost 6666, in the server config file) .
To get the exact number of client you can do :
- telnet localhost 6666
- status
Then you'll get lot of logs :
10.9.10.11,test-docker,52.58.48.98:56859,Wed May 4 09:37:34 2016
10.9.7.45,test-docker,52.58.156.80:38774,Wed May 4 09:36:59 2016
10.9.1.103,test-docker,52.58.161.230:52201,Wed May 4 09:35:47 2016
GLOBAL STATS
Max bcast/mcast queue length,0
END
>CLIENT:ESTABLISHED,19845
>CLIENT:ENV,n_clients=19361
>CLIENT:ENV,time_unix=1462357164
- look for => >CLIENT:ENV,n_clients=19361
In my case since I have a very large number of client, using the log file is definitely not very practical.
I manage our companys OpenVPN servers and the way I see active connections is like this,
add to /etc/openvpn/server.conf
management 127.0.0.1 5555
restart openvpn server
systemctl restart [email protected]
add an OpenVPN Monitor Python package - this will run via a Gunicorn web server and show active connections,
mkdir /opt/openvpn-monitor
create a virtual env (not required but good practice with py packages)
cd /opt/openvpn-monitor
virtualenv venv
source venv/bin/activate
install required packages
pip install openvpn-monitor gunicorn
add a Monitor config file
vi /opt/openvpn-monitor/openvpn-monitor.conf
[openvpn-monitor]
site=your-openvpn-site
#logo=logo.jpg
#latitude=40.72
#longitude=-74
maps=True
geoip_data=/var/lib/GeoIP/GeoLite2-City.mmdb
datetime_format=%d/%m/%Y %H:%M:%S
[VPN1]
host=localhost
port=
name=Your VPN Server Name
show_disconnect=False
start the web server that will show active connections,
gunicorn openvpn-monitor -b 0.0.0.0:80 --name openvpn-monitor --daemon
To stop monitor
pkill gunicorn
to see active connections, go to the public IP of your VPN server
http://<ip of openvpn server>
make sure to configure proper firewall for port 80, whitelist only trusted inbound IPs
You can also send usr2 signal to openvpn process to make it write statistic information to syslog. This is safe, you don't need to reboot in case you did not enable management interface before.