$server) { if (isset($server['disable'])) continue; $ras_user = array(); $ras_certs = array(); if (stripos($server['mode'], "server") === false) continue; if (($server['mode'] == "server_tls_user") && ($server['authmode'] == "Local Database")) { foreach($a_user as $uindex => $user) { if (!is_array($user['cert'])) continue; foreach($user['cert'] as $cindex => $cert) { // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); if ($cert['caref'] != $server['caref']) continue; $ras_userent = array(); $ras_userent['uindex'] = $uindex; $ras_userent['cindex'] = $cindex; $ras_userent['name'] = $user['name']; $ras_userent['certname'] = $cert['descr']; $ras_user[] = $ras_userent; } } } elseif (($server['mode'] == "server_tls") || (($server['mode'] == "server_tls_user") && ($server['authmode'] != "Local Database"))) { foreach($a_cert as $cindex => $cert) { if ($cert['caref'] != $server['caref']) continue; $ras_cert_entry['cindex'] = $cindex; $ras_cert_entry['certname'] = $cert['descr']; $ras_cert_entry['certref'] = $cert['refid']; $ras_certs[] = $ras_cert_entry; } } $ras_serverent = array(); $prot = $server['protocol']; $port = $server['local_port']; if ($server['description']) $name = "{$server['description']} {$prot}:{$port}"; else $name = "Server {$prot}:{$port}"; $ras_serverent['index'] = $sindex; $ras_serverent['name'] = $name; $ras_serverent['users'] = $ras_user; $ras_serverent['certs'] = $ras_certs; $ras_serverent['mode'] = $server['mode']; $ras_server[] = $ras_serverent; } $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; $act = $_GET['act']; if (isset($_POST['act'])) $act = $_POST['act']; if (!empty($act)) { $srvid = $_GET['srvid']; $usrid = $_GET['usrid']; $crtid = $_GET['crtid']; if ($srvid === false) { pfSenseHeader("vpn_openvpn_export.php"); exit; } else if (($config['openvpn']['openvpn-server'][$srvid]['mode'] != "server_user") && (($usrid === false) || ($crtid === false))) { pfSenseHeader("vpn_openvpn_export.php"); exit; } if ($config['openvpn']['openvpn-server'][$srvid]['mode'] == "server_user") $nokeys = true; else $nokeys = false; if (empty($_GET['useaddr'])) { $input_errors[] = "You need to specify an IP or hostname."; } else $useaddr = $_GET['useaddr']; $advancedoptions = $_GET['advancedoptions']; $usetoken = $_GET['usetoken']; if ($usetoken && ($act == "confinline")) $input_errors[] = "You cannot use Microsoft Certificate Storage with an Inline configuration."; $password = ""; if ($_GET['password']) $password = $_GET['password']; $proxy = ""; if (!empty($_GET['proxy_addr']) || !empty($_GET['proxy_port'])) { $proxy = array(); if (empty($_GET['proxy_addr'])) { $input_errors[] = "You need to specify an address for the proxy port."; } else $proxy['ip'] = $_GET['proxy_addr']; if (empty($_GET['proxy_port'])) { $input_errors[] = "You need to specify a port for the proxy ip."; } else $proxy['port'] = $_GET['proxy_port']; $proxy['proxy_authtype'] = $_GET['proxy_authtype']; if ($_GET['proxy_authtype'] != "none") { if (empty($_GET['proxy_user'])) { $input_errors[] = "You need to specify a username with the proxy config."; } else $proxy['user'] = $_GET['proxy_user']; if (!empty($_GET['proxy_user']) && empty($_GET['proxy_password'])) { $input_errors[] = "You need to specify a password with the proxy user."; } else $proxy['password'] = $_GET['proxy_password']; } } $exp_name = openvpn_client_export_prefix($srvid); if(substr($act, 0, 4) == "conf") { switch ($act) { case "confzip": $exp_name = urlencode($exp_name."-config.zip"); $expformat = "zip"; break; case "confinline": $exp_name = urlencode($exp_name."-config.ovpn"); $expformat = "inline"; break; default: $exp_name = urlencode($exp_name."-config.ovpn"); $expformat = "baseconf"; } $exp_path = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, $expformat, $password, false, false, $advancedoptions); } if($act == "visc") { $exp_name = urlencode($exp_name."-Viscosity.visc.zip"); $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password, $proxy, $advancedoptions); } if($act == "inst") { $exp_name = urlencode($exp_name."-install.exe"); $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $usetoken, $password, $proxy, $advancedoptions); } if (!$exp_path) { $input_errors[] = "Failed to export config files!"; } if (empty($input_errors)) { if (($act == "conf") || ($act == "confinline")) { $exp_size = strlen($exp_path); } else { $exp_size = filesize($exp_path); } header('Pragma: '); header('Cache-Control: '); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename={$exp_name}"); header("Content-Length: $exp_size"); if (($act == "conf") || ($act == "confinline")) { echo $exp_path; } else { readfile($exp_path); @unlink($exp_path); } exit; } } include("head.inc"); ?>
Remote Access Server
Host Name Resolution

Certificate Export Options
Use Microsoft Certificate Storage instead of local files.
Use a password to protect the pkcs12 file contents or key in Viscosity bundle.
Use HTTP Proxy
Use HTTP proxy to communicate with the server.

 
Additional configuration options

;
Client Install Packages