$server) { if (isset($server['disable'])) continue; $ras_user = array(); $ras_certs = array(); if (stripos($server['mode'], "server") === false) continue; if ($server['authmode'] == "Local Database" && ($server['mode'] != "server_user")) { foreach($a_user as $uindex => $user) { if (!is_array($user['cert'])) continue; foreach($user['cert'] as $cindex => $cert) { // If $cert is not an array, it's a certref not a cert. if (!is_array($cert)) $cert = lookup_cert($cert); if ($cert['caref'] != $server['caref']) continue; $ras_userent = array(); $ras_userent['uindex'] = $uindex; $ras_userent['cindex'] = $cindex; $ras_userent['name'] = $user['name']; $ras_userent['certname'] = $cert['descr']; $ras_user[] = $ras_userent; } } } elseif ((!empty($server['authmode']) && ($server['mode'] != "server_user")) || ($server['mode'] == "server_tls")) { foreach($a_cert as $cindex => $cert) { if ($cert['caref'] != $server['caref']) continue; $ras_cert_entry['cindex'] = $cindex; $ras_cert_entry['certname'] = $cert['descr']; $ras_cert_entry['certref'] = $cert['refid']; $ras_certs[] = $ras_cert_entry; } } $ras_serverent = array(); $prot = $server['protocol']; $port = $server['local_port']; if ($server['description']) $name = "{$server['description']} {$prot}:{$port}"; else $name = "Server {$prot}:{$port}"; $ras_serverent['index'] = $sindex; $ras_serverent['name'] = $name; $ras_serverent['users'] = $ras_user; $ras_serverent['certs'] = $ras_certs; $ras_serverent['mode'] = $server['mode']; $ras_server[] = $ras_serverent; } $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; $act = $_GET['act']; if (isset($_POST['act'])) $act = $_POST['act']; $error = false; if($act == "conf" || $act == "confall") { $srvid = $_GET['srvid']; $usrid = $_GET['usrid']; $crtid = $_GET['crtid']; if ($srvid === false) { pfSenseHeader("vpn_openvpn_export.php"); exit; } else if (($config['openvpn']['openvpn-server'][$srvid]['mode'] != "server_user") && (($usrid === false) || ($crtid === false))) { pfSenseHeader("vpn_openvpn_export.php"); exit; } if ($config['openvpn']['openvpn-server'][$srvid]['mode'] == "server_user") $nokeys = true; else $nokeys = false; if (empty($_GET['useaddr'])) { $error = true; $input_errors[] = "You need to specify an IP or hostname."; } else $useaddr = $_GET['useaddr']; $advancedoptions = $_GET['advancedoptions']; $usetoken = $_GET['usetoken']; $password = ""; if ($_GET['password']) $password = $_GET['password']; $proxy = ""; if (!empty($_GET['proxy_addr']) || !empty($_GET['proxy_port'])) { $proxy = array(); if (empty($_GET['proxy_addr'])) { $error = true; $input_errors[] = "You need to specify an address for the proxy port."; } else $proxy['ip'] = $_GET['proxy_addr']; if (empty($_GET['proxy_port'])) { $error = true; $input_errors[] = "You need to specify a port for the proxy ip."; } else $proxy['port'] = $_GET['proxy_port']; $proxy['proxy_authtype'] = $_GET['proxy_authtype']; if ($_GET['proxy_authtype'] != "none") { if (empty($_GET['proxy_user'])) { $error = true; $input_errors[] = "You need to specify a username with the proxy config."; } else $proxy['user'] = $_GET['proxy_user']; if (!empty($_GET['proxy_user']) && empty($_GET['proxy_password'])) { $error = true; $input_errors[] = "You need to specify a password with the proxy user."; } else $proxy['password'] = $_GET['proxy_password']; } } $exp_name = openvpn_client_export_prefix($srvid); if ($act == "confall") $zipconf = true; $exp_data = openvpn_client_export_config($srvid, $usrid, $crtid, $useaddr, $usetoken, $nokeys, $proxy, $zipconf, $password, false, false, $advancedoptions); if (!$exp_data) { $input_errors[] = "Failed to export config files!"; $error = true; } if (!$error) { if ($act == "confall") { $exp_name = urlencode($exp_data); $exp_size = filesize("{$g['tmp_path']}/{$exp_data}"); } else { $exp_name = urlencode($exp_name."-config.ovpn"); $exp_size = strlen($exp_data); } header('Pragma: '); header('Cache-Control: '); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename={$exp_name}"); header("Content-Length: $exp_size"); if ($act == "confall") readfile("{$g['tmp_path']}/{$exp_data}"); else echo $exp_data; @unlink($exp_data); exit; } } if($act == "visc") { $srvid = $_GET['srvid']; $usrid = $_GET['usrid']; $crtid = $_GET['crtid']; if ($srvid === false) { pfSenseHeader("vpn_openvpn_export.php"); exit; } else if (($config['openvpn']['openvpn-server'][$srvid]['mode'] != "server_user") && (($usrid === false) || ($crtid === false))) { pfSenseHeader("vpn_openvpn_export.php"); exit; } if (empty($_GET['useaddr'])) { $error = true; $input_errors[] = "You need to specify an IP or hostname."; } else $useaddr = $_GET['useaddr']; $advancedoptions = $_GET['advancedoptions']; $usetoken = $_GET['usetoken']; $password = ""; if ($_GET['password']) $password = $_GET['password']; $proxy = ""; if (!empty($_GET['proxy_addr']) || !empty($_GET['proxy_port'])) { $proxy = array(); if (empty($_GET['proxy_addr'])) { $error = true; $input_errors[] = "You need to specify an address for the proxy port."; } else $proxy['ip'] = $_GET['proxy_addr']; if (empty($_GET['proxy_port'])) { $error = true; $input_errors[] = "You need to specify a port for the proxy ip."; } else $proxy['port'] = $_GET['proxy_port']; $proxy['proxy_authtype'] = $_GET['proxy_authtype']; if ($_GET['proxy_authtype'] != "none") { if (empty($_GET['proxy_user'])) { $error = true; $input_errors[] = "You need to specify a username with the proxy config."; } else $proxy['user'] = $_GET['proxy_user']; if (!empty($_GET['proxy_user']) && empty($_GET['proxy_password'])) { $error = true; $input_errors[] = "You need to specify a password with the proxy user."; } else $proxy['password'] = $_GET['proxy_password']; } } $exp_name = openvpn_client_export_prefix($srvid); $exp_name = urlencode($exp_name."-Viscosity.visc.zip"); $exp_path = viscosity_openvpn_client_config_exporter($srvid, $usrid, $crtid, $useaddr, $usetoken, $password, $proxy, $advancedoptions); if (!$exp_path) { $input_errors[] = "Failed to export config files!"; $error = true; } if (!$error) { $exp_size = filesize($exp_path); header('Pragma: '); header('Cache-Control: '); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename={$exp_name}"); header("Content-Length: $exp_size"); readfile($exp_path); //unlink($exp_path); exit; } } if($act == "inst") { $srvid = $_GET['srvid']; $usrid = $_GET['usrid']; $crtid = $_GET['crtid']; if ($srvid === false) { pfSenseHeader("vpn_openvpn_export.php"); exit; } else if (($config['openvpn']['openvpn-server'][$srvid]['mode'] != "server_user") && (($usrid === false) || ($crtid === false))) { pfSenseHeader("vpn_openvpn_export.php"); exit; } if (empty($_GET['useaddr'])) { $error = true; $input_errors[] = "You need to specify an IP or hostname."; } else $useaddr = $_GET['useaddr']; $advancedoptions = $_GET['advancedoptions']; $usetoken = $_GET['usetoken']; $password = ""; if ($_GET['password']) $password = $_GET['password']; $proxy = ""; if (!empty($_GET['proxy_addr']) || !empty($_GET['proxy_port'])) { $proxy = array(); if (empty($_GET['proxy_addr'])) { $error = true; $input_errors[] = "You need to specify an address for the proxy port."; } else $proxy['ip'] = $_GET['proxy_addr']; if (empty($_GET['proxy_port'])) { $error = true; $input_errors[] = "You need to specify a port for the proxy ip."; } else $proxy['port'] = $_GET['proxy_port']; $proxy['proxy_authtype'] = $_GET['proxy_authtype']; if ($_GET['proxy_authtype'] != "none") { if (empty($_GET['proxy_user'])) { $error = true; $input_errors[] = "You need to specify a username with the proxy config."; } else $proxy['user'] = $_GET['proxy_user']; if (!empty($_GET['proxy_user']) && empty($_GET['proxy_password'])) { $error = true; $input_errors[] = "You need to specify a password with the proxy user."; } else $proxy['password'] = $_GET['proxy_password']; } } $exp_name = openvpn_client_export_prefix($srvid); $exp_name = urlencode($exp_name."-install.exe"); $exp_path = openvpn_client_export_installer($srvid, $usrid, $crtid, $useaddr, $usetoken, $password, $proxy, $advancedoptions); if (!$exp_path) { $input_errors[] = "Failed to export config files!"; $error = true; } if (!$error) { $exp_size = filesize($exp_path); header('Pragma: '); header('Cache-Control: '); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename={$exp_name}"); header("Content-Length: $exp_size"); readfile($exp_path); unlink($exp_path); exit; } } include("head.inc"); ?>
Remote Access Server
Host Name Resolution

Certificate Export Options
Use Microsoft Certificate Storage instead of local files.
Use a password to protect the pkcs12 file contents.
Use HTTP Proxy
Use HTTP proxy to communicate with the server.

 
Additional configuration options

;
Client Install Packages