OpenVPN Client Export Utility - different config on 1.1.3
-
I've updated my OpenVPN Client Export Utility from previous version (I forgot) to latest one (1.1.3) on pfSense 2.1-RELEASE.
The configuration in file .opvn is a little bit different.Previous:
dev tun
persist-tun
persist-key
proto tcp-client
cipher BF-CBC
tls-client
client
resolv-retry infinite
remote x.x.x.x 443
tls-remote VPN Server Certificate
auth-user-pass
pkcs12 firewall3-TCP-443-x.p12
tls-auth firewall3-TCP-443-x-tls.key 1
comp-lzoCurrent:
dev tun
persist-tun
persist-key
cipher BF-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote x.x.x.x 443 tcp
verify-x509-name VPN Server Certificate name
auth-user-pass
pkcs12 firewall3-TCP-443-x.p12
tls-auth firewall3-TCP-443-x-tls.key 1
comp-lzoWould somebody fix this?
-
What is there to fix?
Did it break for you? -
I get errors on some clients about "verify-x509-name VPN Server Certificate name". When I delete it manually it works.
-
I get errors on some clients about "verify-x509-name VPN Server Certificate name". When I delete it manually it works.
I agree. I'm using the latest version of OpenVPN client from openvpn.net and it won't run if I didn't manually change verify-x508-name into tls-remote.
-
There is a choice in the latest version to use tls-remote if you need to.
If you have issues with verify-x509-name then you are not running an OpenVPN 2.3-based version. Make sure you uninstall OpenVPN and reinstall it again with the most current version. An in-place run of the client would likely skip over the actual install if it already detected OpenVPN present on the system.