Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN GUI in 1.2-RELEASE and 2.0BETA 06102010

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    4 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ruh8n2
      last edited by

      While I am going against the recommendation to not put 2.0 in production, I am testing some of the features out which require it to be a production machine for a little bit.

      The replacement box is a 1.2 release, and so far everything except openVPN has worked natively.  Can any guide me through migrating my openVPN settings from the old 1.2 box to the new 2.0.  The GUI for openVPN is different and some of the certificates and settings are not appearing transparent to me. We have a VPN server and a Client-Server (site-to-site) setup

      Example:
      1.2RELEASE-VPN-OpenVPN-Client Bold represents fields we used
      The options you have are:
      Disable this tunnel
      **Protocol -UDP
      Server Address
      Server Port
      Interface IP
      Remote Network
      Proxy Host
      Proxy Port
      Cryptography AES
      AuthMethod -PKI
      Shared Key
      CA Certificate
      Client Certificate
      Client Key
      Limit Bandwidth
      Dynamic Sourceport
      Custom Options

      2.0BETA Has alot more options and some options reflect a different name. Color Change reflects new options, not sure what to do.
      Disabled
      ServerMode
      Protocol
      Device Mode
      Interface
      local port
      server host
      server port
      proxy host
      proxy port
      Proxy Authentication: AuthMode [basic/ntlm] - If this is the same authMode as in 1.2 why was PKI dropped off the list, what do i use?

      Cryptographic Settings
      ETC>
      No need to type the rest.

      Anyone who has an idea how to proceed whether its possible to just migrate the certs or if i have to create a whole new openVPN client server connection.**

      1 Reply Last reply Reply Quote 0
      • R
        ruh8n2
        last edited by

        Some additional questions

        Under 1.2 release site-site, my CA Cert is in x.509 format, my Client Certificate is in x.509 Format, my Client Key is in RSA format.

        However, in 2.0 under the Certificate manager, the Key and Certificate are requested to be in x.509 format.

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          You can just migrate the certs.

          The server mode is just a different way to choose the setup which is more accurate than 1.2. The old PKI setup is "Peer to Peer (SSL/TLS)" with TLS disabled.

          Device mode of tun is default. Interface is usually WAN or WAN2/whatever if you have multi-wan and want to route it out a certain way.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            Upon upgrading it will convert all those things over, so just restore your 1.2 config to the 2.0 install and it should just work. The couple production boxes I have upgraded did, with about 15 clients and servers on each.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.