10

Would like to forcefully kick a specific user connection.

OS is Ubuntu 16, OVPN Server is OpenVPN 2.3.10

I can see them connected in /etc/openvpn/openvpn-status.log which lists out current client status. And their persistent connection pool is saved to /etc/openvpn/ipp.txt

I can kick all users by simply cycling the openvpn daemon service openvpn restart however I want to kick ONE single user.

I've tried openvpn --help and man openvpn as well as searched google but not seeing anything.

OS is Ubuntu 16, Server is OpenVPN 2.3.10

emmdee
  • 2,187
  • 12
  • 36
  • 60

1 Answers1

13

Doing this requires some preparation ahead of time. Specifically you need to enable the Management port (--management IP port). With the management port enabled you can connect to that management port using telnet/netcat and then you can issue commands to disconnect a session (eg kill client-name).

See this page for more about the usage of that interface.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
  • Wow thanks so much. Interesting this doc didn't come up while searching various keywords. – emmdee Mar 09 '18 at 05:27
  • This is a brute force solution and not a great user experience. Because you only kill the connection. The user still believes to be connected to the server. Ideally a disconnect signal should be sent to the user so that the client disconnects properly. – Houman May 11 '21 at 14:38