[eduVPN-deploy] Fixed IP - ccd

Frank Weis Frank.Weis at cgie.lu
Tue Jul 26 18:40:11 CEST 2022 

Hi,

it would be preferable to have the IP on disconnect too. Otherwise, if a user connects with several devices, I'd have to drop all the IPs associated with the user from the tables. On disconnects, having just the IP(s) (not the userID) would probably be fine, but I'm sure that doesn't help at all.

I could work around this by setting maxActiveConfigurations to 1, I guess.

The firewall has states, so I will need to remove IPs from tables AND kill states on disconnects.

Thanks

On 26.07.22 18:06, François Kooman wrote:

ⓘ This message was sent from external user !
Please do not click links or open attachments unless you recognise the source of this email and know the content is safe.

________________________________

On 26.07.22 16:37, Frank Weis wrote:
Hi again,

Hi!

Requirements: we are flexible as long as we can call something with
userID and IP address upon connect/disconnect. Whether it's a url to
call, or a shell command... whatever suits #82 best is OK for us.

Doing some quick prototyping here... "on connect" providing the IPs
(IPv4+IPv6) is easy, but not "on disconnect" unfortunately, that would
be limited to the user ID. Is that enough? Or do you really need the
IPs? Does your firewall service have any state?

Regards,
François
--

Frank Weis
Conseiller informaticien

LE GOUVERNEMENT DU GRAND-DUCHÉ DE LUXEMBOURG
Ministère de l’Éducation nationale, de l’Enfance et de la Jeunesse
Centre de gestion informatique de l’éducation

eduPôle - Walferdange
Route de Diekirch, L-7220 Walferdange
Adresse postale : B.P. 98, L-7201 Bereldange

Tél. Helpdesk: (+352) 247-85999 . Tél. Secrétariat: (+352) 247-85970 .Fax : (+352) 247-85174
E-mail : Frank.Weis at cgie.lu<mailto:Frank.Weis at cgie.lu>
www.cgie.lu<http://www.cgie.lu/>
www.men.lu<http://www.men.lu/>
www.gouvernement.lu<http://www.gouvernement.lu>
[cid:part1.aLahCkYD.ZPgJHoCc at cgie.lu]
Ce message et toutes pièces jointes sont établis à l'intention exclusive de ses destinataires. Ils peuvent contenir des informations confidentielles. Si vous recevez ce message par erreur, merci de le détruire et d'en avertir immédiatement l'expéditeur. Toute utilisation de ce message non conforme à sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. Ce message a fait l'objet d'un traitement anti-virus.

Le contenu de ce message et des pièces jointes ne pourrait engager la responsabilité du ministère que s'il a été émis par une personne dûment habilitée agissant dans le strict cadre des fonctions auxquelles elle est employée et à des fins non étrangères à ses attributions.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.surfnet.nl/pipermail/eduvpn-deploy/attachments/20220726/99eb6e0f/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bEXZZnReoKGYniCc.png
Type: image/png
Size: 48587 bytes
Desc: bEXZZnReoKGYniCc.png
URL: <https://list.surfnet.nl/pipermail/eduvpn-deploy/attachments/20220726/99eb6e0f/attachment-0001.png>

More information about the eduVPN-deploy mailing list