diff options
author | jim-p <jimp@pfsense.org> | 2013-11-25 16:53:54 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-11-25 16:53:54 -0500 |
commit | 63aa82df03b81c31a4a0a2f74950cbcaf54b67f2 (patch) | |
tree | 3a7cf8bdda50a3a3604f018177dfcef70a0e4f33 /config/openvpn-client-export/vpn_openvpn_export.php | |
parent | f581b75f072a51330de2619669fc799a8ac5de73 (diff) | |
download | pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.tar.gz pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.tar.bz2 pfsense-packages-63aa82df03b81c31a4a0a2f74950cbcaf54b67f2.zip |
Instruct the client to use a random local port for OpenVPN in the exported configuration.
Diffstat (limited to 'config/openvpn-client-export/vpn_openvpn_export.php')
-rwxr-xr-x | config/openvpn-client-export/vpn_openvpn_export.php | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php index 44744832..8d002397 100755 --- a/config/openvpn-client-export/vpn_openvpn_export.php +++ b/config/openvpn-client-export/vpn_openvpn_export.php @@ -139,6 +139,7 @@ if (!empty($act)) { $openvpnmanager = $_GET['openvpnmanager']; $verifyservercn = $_GET['verifyservercn']; + $randomlocalport = $_GET['randomlocalport']; $usetoken = $_GET['usetoken']; if ($usetoken && (substr($act, 0, 10) == "confinline")) $input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration."; @@ -213,17 +214,17 @@ if (!empty($act)) { $exp_name = urlencode($exp_name."-config.ovpn"); $expformat = "baseconf"; } - $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $openvpnmanager, $advancedoptions); + $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $openvpnmanager, $advancedoptions); } if($act == "visc") { $exp_name = urlencode($exp_name."-Viscosity.visc.zip"); - $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions); + $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions); } if(substr($act, 0, 4) == "inst") { $exp_name = urlencode($exp_name."-install.exe"); - $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, substr($act, 5)); + $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $verifyservercn, $randomlocalport, $usetoken, $password, $proxy, $openvpnmanager, $advancedoptions, substr($act, 5)); } if (!$exp_path) { @@ -307,6 +308,9 @@ function download_begin(act, i, j) { var verifyservercn; verifyservercn = document.getElementById("verifyservercn").value; + var randomlocalport = 0; + if (document.getElementById("randomlocalport").checked) + randomlocalport = 1; var usetoken = 0; if (document.getElementById("usetoken").checked) usetoken = 1; @@ -381,6 +385,7 @@ function download_begin(act, i, j) { } dlurl += "&useaddr=" + escape(useaddr); dlurl += "&verifyservercn=" + escape(verifyservercn); + dlurl += "&randomlocalport=" + escape(randomlocalport); dlurl += "&openvpnmanager=" + escape(openvpnmanager); dlurl += "&usetoken=" + escape(usetoken); if (usepass) @@ -642,6 +647,27 @@ function useproxy_changed(obj) { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Use Random Local Port</td> + <td width="78%" class="vtable"> + <table border="0" cellpadding="2" cellspacing="0" summary="random local port"> + <tr> + <td> + <input name="randomlocalport" id="randomlocalport" type="checkbox" value="yes" checked="CHECKED" /> + </td> + <td> + <span class="vexpl"> + Use a random local source port (lport) for traffic from the client. Without this set, two clients may not run concurrently. + </span> + </td> + </tr> + <tr> + <td colspan="2"> + <span class="vexpl"><br/>NOTE: Not supported on older clients. Automatically disabled for Yealink and Snom configurations.</span> + </td> + </tr> + </table> + </tr> + <tr> <td width="22%" valign="top" class="vncell">Certificate Export Options</td> <td width="78%" class="vtable"> <table border="0" cellpadding="2" cellspacing="0" summary="export options"> @@ -806,10 +832,14 @@ function useproxy_changed(obj) { This will change the generated .ovpn configuration to allow for usage of the management interface. And include the OpenVPNManager program in the "Windows Installers". With this OpenVPN can be used also by non-administrator users. This is also useful for Windows Vista/7/8 systems where elevated permissions are needed to add routes to the system. - <br/><br/>NOTE: This is not currently compatible with the 64-bit OpenVPN installer. It will work with the 32-bit installer on a 64-bit system. </span> </td> </tr> + <tr> + <td colspan="2"> + <span class="vexpl"><br/>NOTE: This is not currently compatible with the 64-bit OpenVPN installer. It will work with the 32-bit installer on a 64-bit system.</span> + </td> + </tr> </table> </td> </tr> |