VPN config based on SSID

forester · April 18, 2018, 11:23am

Hi,

So I have a couple of SSID’s which are behind firewalls which means it can only reach my VPN’s on particular ports.

I therefore would like to use a particular VPN profile based on the SSID name.

I am quite comfortable on the shell so can always invoke openvpn with the appropriate configuration file - but then the WebGUI does not reflect the “true state”.

Is there a particular way I can change this in a manner that will reflect in the gl-inet WebGUI?

Things I have tried:

Merely killing openvpn and pointing to the new ovpn file - WebGUI still reflects the previous choice in the webGUI
curl script to login (this works) and then call openvpn_cgi with the ovpn-filename, struggling to get this to work, probably because I do not know how to handle the CSRF token header
Call the openvpn_cgi directly - this is a binary though and wants me to authenticate so no idea how

Any tips welcome!

alzhao · April 20, 2018, 10:16am

Check /etc/config/glconfig and find the current ovpn file under use.

forester · April 20, 2018, 10:32am

Thanks @alzhao however ‘ps’ can tell me the same - is there a way to change the running config and ensure the WebUI reflects the change though?

alzhao · April 20, 2018, 10:45am

I am afraid that it is that smart to do that.

forester · April 20, 2018, 11:40am

Ok, figured it out -
$ uci get glconfig.openvpn.ovpn # shows current one
$ uci set glconfig.openvpn.ovpn='/etc/openvpn/example.ovpn # sets to the new one

The GUI reflects the above

Unsure how to hit the ‘apply’ (it is not ‘uci commit’) but stopping and starting openvpn from the same script does it for me for now.

kyson-lok · April 20, 2018, 1:35pm

@forester To apply it. Try to do this.

# uci commit glconfig
# /etc/init.d/startvpn restart

forester · April 20, 2018, 2:17pm

@kyson-lok - thanks a ton, works well and much cleaner