what setting do i have wrong "Certificate (SSL/TLS, no Auth)"

comet424

hi i setting up on my sisters pfsense openvpn remote access i thought i duplicated my setup but when i goto export

i get "Certificate (SSL/TLS, no Auth)" beside the user name so i dont need a password.. where on mine i need to add a password and i dont have that... i guessing you want Authorization to make it secure... and my sisters user id has a password..

so what am i doing wrong.. and when do you want a password and when do you want "Certificate (SSL/TLS, no Auth)"

i know on hers i have a site to site vpn setup and using the same server ca i guess it is... and even when i create new using wizard its no authorization etc

Jarhead

@comet424 Really hard to read your post and determine what you're actually asking but I'll take a try.
Edit the OpenVPN server config, then hit the drop down for "Server Mode".
That might be what you're looking for.

comet424

@jarhead

sorry my dislexia gets best of me

so on my pfsense box when i remote access into the Server i have to add a password.. like in your cell

and under "Client Export" its just username

under my sisters under "Client Export"
it goes
"userid Certificate (SSL/TLS, no Auth)"

and doesnt require me to add the password to login just logs right in like it was doing site to site vpn (so my and her pfsense's are linked together) so i can access her network like i was there..

my dyslexia gets best of me and where it sounds fine to me.. doesnt for others...

if the servers section i have it set for "Remote Access (SSL/TLS) but since i dont use openvpn much except setting up site to site like 2.5 yrs ago i know its probably simple and i just dont notice it... i set it and forget it kinda thing..

where is the "Server Mode" like the openvpn server config is that the CA certtificates? or under the VPN under Servers?

comet424

im sure its something simple i missing.... doesnt help i dont use it every day then id remember lol

bingo600

@comet424

Under OpenVPN Server you might want to select SSL/TLS + User Auth

comet424

ok i got it working i did have that the "SSL/TLS + User Auth"
what i noticed i didnt notice before

for both site to site and remote access

the description is "openvpn remote access" i had for both..

i did not know that under Client Export under "Remote Access Server" it goes by description

and when i read it saying "openvpn remote access" thought i was fine.. when i clicked it i had 2 "openvpn remote access" i never knew that was "Description" and not name of the certificate...

i know if i used openvpn alot i wouldnt make mistakes like that....

too bad for newbs they didnt offer a little note under Client Export
under Remote Access Server.. Server name is from Description Name from Server Tab... or under the Servers.. when you write Description.. like it say "This will be Remote Access Server Name"

i never clued in at all till i found i had both desc same and that made the difference... didnt even know