Bug with OpenVPN Export 1.2.6

cmb

The issue with the Viscosity export was only in the offset of the variables at the end, impacting the OpenVPN Manager and custom options fields. I verified the TLS key functionality in 1.2.6 at the time that was fixed, and again now. It works fine. I'd go with Jim's last recommendation next.

scolland

Hi,

I am having the same issue (Viscosity config does not work but the Other inline option does).

If it helps, this is the log for the Viscosity config file:

Apr 23 09:12:36: Viscosity Mac 1.4.6 (1156)
Apr 23 09:12:36: Viscosity OpenVPN Engine Started
Apr 23 09:12:36: Running on Mac OS X 10.9.2
Apr 23 09:12:36: –-------
Apr 23 09:12:36: Checking reachability status of connection...
Apr 23 09:12:36: Connection is reachable. Starting connection attempt.
Options error: --tls-auth fails with 'ta.key': No such file or directory
Options error: Please correct these errors.

The OpenVPN subsystem could not be started. Please check the following:

• Check for any error messages above this notification.
• Make sure Viscosity is not running under a File Vault protected location (put Viscosity in the Applications folder).
• Make sure the configuration is valid. Check the connection settings for the connection using Viscosity and make sure all settings are correct.

Thanks

James

jimp

@scolland - Are you on version 1.2.6 of the export package? If so, does your server actually have TLS Authentication enabled?

I still can't reproduce any problem with the current package. The ta.key is in the archive as it should be.

priller

I'm having the same problem with the Viscosity export.

Version 1.2.6 of the export package.

Yes, the server has TLS Authentication enabled.

The exported Viscosity package does contain the ta.key, but it looks like it can't be read in by the client.  ??

jimp

Does the ta.key in the file have anything in it? Is it the right ta.key?

priller

@jimp:

Does the ta.key in the file have anything in it? Is it the right ta.key?

It's there.  The ta.key in the bundle is identical to the one in the server config page.  Also the same as the one in the "others" export which does work in Viscosity.

FWIW, the Viscosity client is 1.4.8 (1162).  May be client-side issue.

priller

I found the problem with the Viscosity bundle created by the Client Export.

This is how it should look (based on the export of a working profile from the Viscosity client)

ca ca.crt
tls-auth ta.key 1
cert cert.crt
key key.key

Here is what the pfSense bundle has

tls-auth pfsense-udp-1194-username-tls.key  <<-----
ca ca.crt
tls-auth ta.key 1
cert cert.crt
key key.key

If I remove the erroneous tls-auth line (the first one) from the config.conf in the bundle, everything works correctly.

jimp

OK, that should be much easier to track down. I'll check on it from that angle.

jimp

Pushed a fix. Be on the lookout for 1.2.9

priller

@jimp:

Pushed a fix. Be on the lookout for 1.2.9

That works.  Thanks!  :)

rugby

I was just coming back after taking some time off of work and going to post something.  Thanks for fixing this guys!