OpenVPN Server and Client Status¶
The OpenVPN status page at Status > OpenVPN shows the status of each OpenVPN server and client. The status includes service controls for each separate server and client instance on the status page.
SSL/TLS Client/Server Mode¶
For OpenVPN servers in SSL/TLS client/server mode (tunnel network larger than
/30), the status provides a list of connected remote clients along with
their usernames or certificate common names and connection data as seen in
Figure OpenVPN status for an SSL/TLS server with one connected client.
OpenVPN status for an SSL/TLS server with one connected client¶
The status of an instance has a header bar which includes the OS interface name
(e.g. ovpns1), the custom text description of the VPN, its protocol and
port, plus a total count of connected clients.
The status output includes the following columns in separate blocks for each server instance in this mode:
- Common Name
The certificate common name and/or username of the client. For VPNs utilizing user authentication, both are printed in this column. The values may differ depending on whether the server has SSL/TLS enabled and whether or not the Username as Common Name option is enabled.
- Real Address
The external/public IP address of the client, as it would appear on the WAN.
- Virtual Address
The tunnel network IPv4 and/or IPv6 addresses assigned to the client for use inside the VPN.
- Connected Since
A timestamp indicating when this client connected to the server or the last status change of the connection.
- Bytes Sent
The amount of data the OpenVPN server has sent to this client.
- Bytes Received
The amount of data the OpenVPN server has received from this client.
- Ciphers
The encryption algorithm in use for this client, which may vary due to cipher negotiation.
- Actions
This column includes icons which control the client.
The
icon will appear at the end of each client row if that client
authenticated via RADIUS and has firewall rules received from RADIUS. Clicking
the icon will open a modal dialog displaying the contents of that user’s
personal firewall ruleset.The
icon at the end of each client row clears the client session,
which disconnects the client while allowing them to reconnect.The
icon at the end of each client row sends a command which
halts the remote client. If the client honors the request, its process
terminates and it will not automatically reconnect without manual
intervention. This can be useful for stopping an unattended client from
conflicting with a different active session for a user.
The 
Show Routing Table button under each server’s list of
clients displays a table of networks and IP addresses connected through each
client connected to that server.
Peer-to-Peer Mode¶
For OpenVPN instances in peer-to-peer mode (shared key or SSL/TLS with a /30
tunnel network), the output is slightly different. OpenVPN does not report the
same amount of information for instances running in peer-to-peer mode, so it
cannot offer the same functionality as SSL/TLS client/server mode.
As each instance in this mode is limited to one client per server, the entries are shown in a single table each for clients and servers, with one instance listed per row.
The Name colum prints the OS interface name for the VPN (e.g. ovpns1)
and its configured text description, along with the protocol and port number.
For a server instance the Status column indicates whether the instance is running and waiting on connections or if the remote client has connected.
For client instances the Status column indicates whether a connection is pending or active.
The status column may display more detailed information if it’s available during certain stages of configuration and connection.
OpenVPN status showing peer-to-peer instances including a server that is up, a server waiting for a connection, and a client attempting to reconnect¶