Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client export list is empty on v 2.3.2

    Scheduled Pinned Locked Moved OpenVPN
    14 Posts 6 Posters 4.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ Offline
      johnpoz LAYER 8 Global Moderator
      last edited by

      So I see there is an update.. so I just updated

      
      >>> Upgrading pfSense-pkg-openvpn-client-export... 
      Updating pfSense-core repository catalogue...
      pfSense-core repository is up-to-date.
      Updating pfSense repository catalogue...
      pfSense repository is up-to-date.
      All repositories are up-to-date.
      The following 1 package(s) will be affected (of 0 checked):
      
      Installed packages to be UPGRADED:
      	pfSense-pkg-openvpn-client-export: 1.3.11 -> 1.3.12 [pfSense]
      
      Number of packages to be upgraded: 1
      
      18 KiB to be downloaded.
      Fetching pfSense-pkg-openvpn-client-export-1.3.12.txz: .. done
      Checking integrity... done (0 conflicting)
      [1/1] Upgrading pfSense-pkg-openvpn-client-export from 1.3.11 to 1.3.12...
      [1/1] Extracting pfSense-pkg-openvpn-client-export-1.3.12: .......... done
      Removing openvpn-client-export components...
      Loading package instructions...
      Saving updated package information...
      overwrite!
      Loading package configuration... done.
      Configuring package components...
      Loading package instructions...
      Custom commands...
      Writing configuration... done.
      >>> Cleaning up cache... done.
      Success
      
      

      And yup looks like all the users are gone… Hmmmm  Let me look to see what could cause that... But looks like might be a bad update??

      Yeah there seems to be something wrong here... I created a new cert and it doesn't show up..

      So this didn't have anything to do with 2.3.2 or going from 2.x etc..  This has to do with this update of the client export package.

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 25.07 | Lab VMs 2.8, 25.07

      1 Reply Last reply Reply Quote 0
      • T Offline
        tstorm
        last edited by

        In the client export tab did you click the button save as default? When I did this, all of my clients reappeared.

        1 Reply Last reply Reply Quote 0
        • R Offline
          robina80
          last edited by

          what a dumb arse, i had the user but deleted the user cert, after that when i went back to client exports, the list was there

          1 Reply Last reply Reply Quote 0
          • DerelictD Offline
            Derelict LAYER 8 Netgate
            last edited by

            You're not being dumb.

            We have all wanted saving those preferences in the exporter. Looks like it's finally happening.

            Might be a better way to handle that though.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • johnpozJ Offline
              johnpoz LAYER 8 Global Moderator
              last edited by

              Yeah I like the addition of the default.

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 25.07 | Lab VMs 2.8, 25.07

              1 Reply Last reply Reply Quote 0
              • Q Offline
                qinohe
                last edited by

                pfSense-pkg-openvpn-client-export: 1.3.12 -> 1.3.13 [pfSense]

                Just updated, I can export configs again, thanks.

                But pffft, I thought it was me so I created the whole ca-crt chain again, there are a few, than I saw the update  ::)

                1 Reply Last reply Reply Quote 0
                • J Offline
                  JonH
                  last edited by

                  This worked the first time I did it however I decided to go back and make some changes and start all over.

                  Now, the User Cert does not appear in the list at the bottom.  >:(

                  I'm have 1.3.13 installed and a User Certificate.  I have saved the default.
                  It no longer shows up….

                  Maybe I need to delete all the certs, including the CA? 
                  I must be doing something stupid, it should not be this difficult.

                  1 Reply Last reply Reply Quote 0
                  • DerelictD Offline
                    Derelict LAYER 8 Netgate
                    last edited by

                    Depends on what changes you made.

                    It still will not show you users with certificates issued by a CA other than the one set in the server since that wouldn't work anyway.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • J Offline
                      JonH
                      last edited by

                      I used the Wizard to make the Server and just not going back and looking it make 'remote access' instead of peer/peer. 
                      Must have made mistake in that selection.

                      I'll delete it all and try again tomorrow.

                      1 Reply Last reply Reply Quote 0
                      • DerelictD Offline
                        Derelict LAYER 8 Netgate
                        last edited by

                        Client export is for remote access, not peer-to-peer.

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • J Offline
                          JonH
                          last edited by

                          OK, my bad.
                          What I am trying to do is set up openVPN for access from iPhone (ios)

                          I had it working but with a bunch of questionable errors in the log.
                          I had created my .conf by hand.  I recently read here that the wizard needed to be used to make sure all was properly done.
                          So started over and blew it by choosing peer/peer.  Lesson - don't do this stuff late at night.  :P

                          My mistake was:

                          1. setting up server for peer/peer tls instead of remote tls.
                          2. creating a client, not necessary cause export creates it.  Changing server to 'remote tls' and going directly to client export gives me the missing part of the puzzle.

                          Thanks for pointing me in the right direction.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.