OpenVPN Server and Client Status

The OpenVPN status page at Status > OpenVPN shows the status of each OpenVPN server and client. The status includes service controls for each separate server and client instance on the status page.

SSL/TLS Client/Server Mode

For OpenVPN servers in SSL/TLS client/server mode (tunnel network larger than /30), the status provides a list of connected remote clients along with their usernames or certificate common names and connection data as seen in Figure OpenVPN status for an SSL/TLS server with one connected client.

../../_images/openvpn-openvpn-status-ra.png

OpenVPN status for an SSL/TLS server with one connected client

The status output includes the following columns in separate blocks for each server instance in this mode:

Common Name

The certificate common name or username of the client.

Real Address

The external/public IP address of the client, as it would appear on the WAN.

Virtual Address

The tunnel network IPv4 and/or IPv6 addresses assigned to the client for use inside the VPN.

Connected Since

A timestamp indicating when this client connected to the server.

Bytes Sent

The amount of data the OpenVPN server has sent to this client.

Bytes Received

The amount of data the OpenVPN server has received from this client.

Ciphers

The encryption algorithm in use for this client, which may vary due to cipher negotiation.

Actions

This column includes icons which control the client.

The fa-times icon at the end of each client row clears the client session, which disconnects the client while allowing them to reconnect.

The fa-times-circle icon at the end of each client row sends a command which halts the remote client. If the client honors the request, its process terminates and it will not automatically reconnect without manual intervention. This can be useful for stopping an unattended client from conflicting with a different active session for a user.

The fa-plus-circle Show Routing Table button under each server’s list of clients displays a table of networks and IP addresses connected through each client connected to that server.

Peer-to-Peer Mode

For OpenVPN instances in peer-to-peer mode (shared key or SSL/TLS with a /30 tunnel network), the output is different. OpenVPN does not report the same amount of information for instances running in peer-to-peer mode, so it cannot offer the same functionality as SSL/TLS client/server mode.

As each instance in this mode is limited to one client per server, the entries are shown in a single table each for clients and servers, with one instance listed per row.

For a server instance the status indicates whether the instance is running and waiting on connections or if the remote client has connected.

For client instances the status indicates whether a connection is pending or active.

../../_images/openvpn-openvpn-status.png

OpenVPN status showing peer-to-peer instances including a server that is up, a server waiting for a connection, and a client attempting to reconnect