Who is currently connecting to your VPN server?
This is the eleventh in a series of posts featuring Protips, tips, tricks, hacks, and secrets provided by Our Team 🙊 — We want to share our top tips for the growing and thriving Linux community out there. Because sometimes you need a little help...
Being able to monitor or list which VPN clients (OpenVPN) are connected in real-time in your system is crucial. This is one of the primary features that VPN monitoring companies look at. This refers to the number of VPN sessions that are currently active.
The idea here is simple. When the VPN connection is not guarded or monitored, it can lead to easy access for intruders and hackers.
As a result, unauthorized entry into the communication channels might certainly cause a breach.
Also, let's remind you that using a VPN connection is not only meant to bypass regions and get you to bypass Netflix's restrictions.
Nah! There is way more to that.
Depending on the type of VPN connection u using but VPN (or Virtual Private Network) is a way of connecting to a local network over the internet.
For example, say you want to connect to the local network at your workplace while you’re on a business trip. You would find an internet connection somewhere (like at a hotel) and then connect to your workplace’s VPN.
It would be as if you were directly connected to your base network, but the actual network connection would be through the hotel’s internet connection for instance.
So comparing how many OpenVPN clients you have created against who is actually connected can give you a great view of what is going on.
ps: Given access must be < of that is actually connected.
To get that information you need to query your OpenVPN-status.log file, which usually resides in /var/log/openvpn/openvpn-status.log on Ubuntu server.
These logs include output from the OpenVPN daemon(s) in use, both clients and servers. Log messages include entries for successful connections as well as failures and errors.
$ sudo /var/log/openvpn/openvpn-status.log
[sudo] password for uranus:
OpenVPN CLIENT LIST
Updated,2023-08-07 21:57:20
Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since
uranus,162.142.125.xxx:61541,8461,24231,2023-08-07 21:57:12
uranus,162.142.125.xxx:50974,146465140,367748577,2023-08-06 00:14:03
uranus,162.142.125.xxx:64335,51446494,366910258,2023-08-07 12:59:30
uranus,162.142.125.xxx:65136,158521589,2829174947,2023-08-07 13:22:50
ROUTING TABLE
Virtual Address,Common Name,Real Address,Last Ref
10.8.0.7,uranus,162.142.125.xxx:61541,2023-08-07 21:57:15
10.8.0.6,uranus,162.142.125.xxx:64335,2023-08-07 21:57:19
10.8.0.5,uranus,162.142.125.xxx:65136,2023-08-07 21:57:19
10.8.0.4,uranus,162.142.125.xxx:50974,2023-08-07 21:57:11
GLOBAL STATS
Max bcast/mcast queue length,4
END
Of course; we will refine our search in conjunction with the grep and wc commands to give us a count of occurrences.
$ sudo cat /var/log/openvpn/status.log | grep "10\.8\.*\.*" | wc -l
OUPUT
4
grep command provides us with the pattern you want to examine and pipe (|) or transfer the standard output to wc -l command so it will output how many times the pattern occurs.
So, to sum up; the above will display the number of lines containing and beginning with this exact sequence of 10.8. ; here 4times.
This basically tells us that there are currently #4 OpenVPN Clients actually connected to our OpenVPN server.
Also, remember; as a sysadmin, you must always look for false-positive.