Disconnecting a vpn user via command line does not work for me.
I tried the following:
Get connection details of user schweiger:
I used the external and internal ip address. Both with no effect.
chroot /var/sec/chroot-openvpn /usr/bin/ras_update.plx ssl disconnect username schweiger 10.242.2.6
I don't receive any error message but the user's connection is still established (verfied with the openvpn_connection.sh command).
Does this need to be done from the command line? Would temporarily disabling the account through the webadmin be an option?
The second command should be just:
/usr/bin/ras_update.plx ssl disconnect username schweiger 10.242.2.6
Does that not work anymore?
Cheers - Bob
Thanks for your answer.
But I already tried this as described above.
I don't receive any error message but the connection is still alive :(
Did you trie that as root user?
try that one:
login to FW
sudo -i /usr/local/bin/openvpn_connections.sh # List all connections chroot /var/sec/chroot-openvpn /usr/bin/ras_update.plx ssl disconnect username schweiger SSL-VPN-IP
my output of all connections:
sg115:/root # openvpn_connections.shOpenVPN CLIENT LISTUpdated,Sun Apr 11 13:43:50 2021Common Name,Real Address,Bytes Received,Bytes Sent,Connected Sinceddr,2a03:567:1::11,44472,61351,Sun Apr 11 13:34:01 2021ROUTING TABLEVirtual Address,Common Name,Real Address,Last Reffd22:5c88:8e98:2::1000,schweiger,2a03:567:1::11,Sun Apr 11 13:37:10 20218.104.22.168,schweiger,2a03:567:1::11,Sun Apr 11 13:42:32 2021
I tried this one without success:
sg115:/root # iduid=0(root) gid=0(root) groups=0(root),890(xorp)sg115:/root # /var/chroot-openvpn/usr/bin/ras_update.plx ssl disconnect username schweiger 10.242.2.2
Not sure why you persist in starting the last command with /var/chroot-openvpn.
This was without chroot. I had to use the full path to the script:
sg115:/root # /var/chroot-openvpn/usr/bin/ras_update.plx ssl disconnect username schweiger 10.242.2.2
But it doesn't work :(
You're right, Duff - this doesn't work anymore. I just logged in from my iPhone via LTE and hen got the following result at the command line:
secure:/root # chroot /var/sec/chroot-openvpn secure:/ # /usr/bin/ras_update.plx ssl disconnect username BAlfson 10.242.2.2 perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LANG = "en_US.UTF-8" are supported and installed on your system. perl: warning: Falling back to the standard locale ("C").
iPhone still connected.