Heslot's picture



How I can protect client use by MAC address locking using the MAC address checking post_auth script?

In the procedure OpenVPN write :

cd /usr/local/openvpn_as/scripts
./sacli -k auth.module.post_auth_script --value_file=/root/mac.py ConfigPut
./sacli start


But there is no /usr/local/openvpn_as/scripts in the Turnkey distribution

Jeremy Davis's picture

TBH, I was initially not sure what you were talking about. But a quick google shows that sacli is one of the commandline tools from OpenVPN's "Access Server". That is non-free proprietary software which we couldn't redistribute even if we wanted to! If you want to go that way, you'll need to sign up and give them your money.

The OpenVPN software appliance that we provide is the OpenVPN client and server software only, ofdten referred to as the community edition. This software is developed by OpenVPN and is the foundation of their commercial product (the "Access Server"), but it is under a free open source licence, so we are able to package and redistribute it.

I hope that clears things up.

PS, to explicitly answer your question, I'm not sure if our OpenVPN appliance is able to do what you want. But it certainly doesn't include the tool that you are referring to.

Add new comment