What's new

VPN policy routing management: per client versus centralized?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Not an A or B answer but similar to doublehd, I want it to do what I need it to do but without the headaches.
And as merlin mentioned, in the end he is going to do what he thinks is best for his fork. Makes sense otherwise nothing gets done if your not passionate about what you are doing.
If both option A and option B can do the same thing, then I would see no harm, just more head ache to get use to navigational wise. But if having option A eliminates all the features allotted by option B, then it would be taking a step back. Any one who wants to take a step back should remain on stock IMHO.
 
Whatever you think is best.
You da boss.
 
What functions would you lose?

If both option A and option B can do the same thing, then I would see no harm, just more head ache to get use to navigational wise. But if having option A eliminates all the features allotted by option B, then it would be taking a step back. Any one who wants to take a step back should remain on stock IMHO.
This is what I worried. If no feature is missing, then I support A because it is easier to manage.
 
This is what I worried. If no feature is missing, then I support A because it is easier to manage.
Yes, exactly. "A" please...
 
This is what I have in mind.

1623608638145.png
 
gVgfOSC.jpeg


That updated client status info would be great!

Not sure how difficult to implement but would it be possible to capture the 'connected since' time/date stamp info and populate this as well? Understand I can see this under VPN status tab on my TAP server but it would be a bonus to be able to track this uptime stat on the remote client router VPN status tab as well...
 
That updated client status info would be great!
The VPN Status page isn't replaced, this is just a summary table shown on the new routing page so users can quickly determine what they have configured (in addition to being able to stop/start a client from there).

Not sure how difficult to implement but would it be possible to capture the 'connected since' time/date stamp info and populate this as well?
OpenVPN itself does not provide that information, and the router has no way of knowing if a given client was disconnected/reconnected since last time the router started it.
 
This is what I have in mind.

View attachment 34408
Hi

- Would you mind to post a screenshot when you click the Policy rules / the PLUS button? I just admire the straight-forward look of the current implementation (386.2_4)
- Are those check mark symbols in the Enable section can be toggled on and off, right?
- I appreciate the Edit function, the current implementation is quite a handful especially when you have to redo lot of rules.

Thank you and I hope more comments from others are coming.
 
I’m interested in the table code. Looks like tableApi, but different.
No, that's my own code, as tableApi lacks too much in flexibility. The popup pane is also straight code, although I reused a lot of Asus's own code to save time, and keep a more uniform look with other pages.

Would you mind to post a screenshot when you click the Policy rules / the PLUS button? I just admire the straight-forward look of the current implementation (386.2_4)
That was just a teaser, as I am still making tweaks to the user interface. The Add popup panel is similar to the existing Port Forwarding popup.

Are those check mark symbols in the Enable section can be toggled on and off, right?
Correct. Makes it easier to temporarily enable/disable specific rules.

The Client pages themselves will still display a read-only list of any rules that are related to the current client. They won't be editable on the client page however - one of the reasons being the higher number of rules that can be stored by the backend storage.
 
I'll make a more detailled forum post once the current implementation gets more feature-complete. I'm still making some last minute tweaks to the UI, before attacking the upgrade code that will migrate old rules into the new storage. Most of 386.3 will focus on the new QR code display, the rewritten vpn routing backend, and this new management UI. Next GPL merge, as well as possible new model addition will be postponed until 386.4.
 
No, that's my own code, as tableApi lacks too much in flexibility. The popup pane is also straight code, although I reused a lot of Asus's own code to save time, and keep a more uniform look with other pages.
I was going to be writing my own code to do something similar for one of my addons, seems like if I hold on I will be able to get some good ideas from your work!
 
Some Q's we al have i think but we have to wait to see more with this new approach, Like: Network, authentication, crypto and policy based settings, etc etc. And offcourse a dropdown for the source ip's :) The above overview looks clear and easy to use, thanks !
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top