aboutsummaryrefslogtreecommitdiffstats
path: root/config/openvpn-client-export/vpn_openvpn_export.php
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2013-11-25 16:53:54 -0500
committerjim-p <jimp@pfsense.org>2013-11-25 16:53:54 -0500
commit63aa82df03b81c31a4a0a2f74950cbcaf54b67f2 (patch)
tree3a7cf8bdda50a3a3604f018177dfcef70a0e4f33 /config/openvpn-client-export/vpn_openvpn_export.php
parentf581b75f072a51330de2619669fc799a8ac5de73 (diff)
downloadpfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.tar.gz
pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.tar.bz2
pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.zip
Instruct the client to use a random local port for OpenVPN in the exported configuration.
Diffstat (limited to 'config/openvpn-client-export/vpn_openvpn_export.php')
-rwxr-xr-xconfig/openvpn-client-export/vpn_openvpn_export.php38
1 files changed, 34 insertions, 4 deletions
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index 44744832..8d002397 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -139,6 +139,7 @@ if (!empty($act)) {
$openvpnmanager = $_GET['openvpnmanager'];
$verifyservercn = $_GET['verifyservercn'];
+ $randomlocalport = $_GET['randomlocalport'];
$usetoken = $_GET['usetoken'];
if ($usetoken && (substr($act, 0, 10) == "confinline"))
$input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration.";
@@ -213,17 +214,17 @@ if (!empty($act)) {
$exp_name = urlencode($exp_name."-config.ovpn");
$expformat = "baseconf";
}
- $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $openvpnmanager, $advancedoptions);
+ $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $openvpnmanager, $advancedoptions);
}
if($act == "visc") {
$exp_name = urlencode($exp_name."-Viscosity.visc.zip");
- $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions);
+ $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions);
}
if(substr($act, 0, 4) == "inst") {
$exp_name = urlencode($exp_name."-install.exe");
- $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, substr($act, 5));
+ $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, substr($act, 5));
}
if (!$exp_path) {
@@ -307,6 +308,9 @@ function download_begin(act, i, j) {
var verifyservercn;
verifyservercn = document.getElementById("verifyservercn").value;
+ var randomlocalport = 0;
+ if (document.getElementById("randomlocalport").checked)
+ randomlocalport = 1;
var usetoken = 0;
if (document.getElementById("usetoken").checked)
usetoken = 1;
@@ -381,6 +385,7 @@ function download_begin(act, i, j) {
}
dlurl += "&useaddr=" + escape(useaddr);
dlurl += "&verifyservercn=" + escape(verifyservercn);
+ dlurl += "&randomlocalport=" + escape(randomlocalport);
dlurl += "&openvpnmanager=" + escape(openvpnmanager);
dlurl += "&usetoken=" + escape(usetoken);
if (usepass)
@@ -642,6 +647,27 @@ function useproxy_changed(obj) {
</td>
</tr>
<tr>
+ <td width="22%" valign="top" class="vncell">Use Random Local Port</td>
+ <td width="78%" class="vtable">
+ <table border="0" cellpadding="2" cellspacing="0" summary="random local port">
+ <tr>
+ <td>
+ <input name="randomlocalport" id="randomlocalport" type="checkbox" value="yes" checked="CHECKED" />
+ </td>
+ <td>
+ <span class="vexpl">
+ Use a random local source port (lport) for traffic from the client. Without this set, two clients may not run concurrently.
+ </span>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ <span class="vexpl"><br/>NOTE: Not supported on older clients. Automatically disabled for Yealink and Snom configurations.</span>
+ </td>
+ </tr>
+ </table>
+ </tr>
+ <tr>
<td width="22%" valign="top" class="vncell">Certificate Export Options</td>
<td width="78%" class="vtable">
<table border="0" cellpadding="2" cellspacing="0" summary="export options">
@@ -806,10 +832,14 @@ function useproxy_changed(obj) {
This will change the generated .ovpn configuration to allow for usage of the management interface.
And include the OpenVPNManager program in the "Windows Installers". With this OpenVPN can be used also by non-administrator users.
This is also useful for Windows Vista/7/8 systems where elevated permissions are needed to add routes to the system.
- <br/><br/>NOTE: This is not currently compatible with the 64-bit OpenVPN installer. It will work with the 32-bit installer on a 64-bit system.
</span>
</td>
</tr>
+ <tr>
+ <td colspan="2">
+ <span class="vexpl"><br/>NOTE: This is not currently compatible with the 64-bit OpenVPN installer. It will work with the 32-bit installer on a 64-bit system.</span>
+ </td>
+ </tr>
</table>
</td>
</tr>