Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client export list is empty on v 2.3.2

    Scheduled Pinned Locked Moved OpenVPN
    14 Posts 6 Posters 4.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R Offline
      robina80
      last edited by

      hi all,

      my openvpn used to work on v 2.2.6 but now since i have updated it to v 2.3.2 i cant see my list of clients to export, its empty ie ios android windows

      i have redone everything again ie deleted the openvpn client export package re-downloded it

      deleted the openvpn server again and re-done the wizard again

      any help please,

      many thanks,

      rob

      1 Reply Last reply Reply Quote 0
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator
        last edited by

        did you create user certs?  There will be nothing in the client export unless there are certs

        I am on 2.3.2_p1 and its been upgraded every time from like 2.0 and have never had any issues with openvpn.  Never had to redo anything

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

        1 Reply Last reply Reply Quote 0
        • T Offline
          tstorm
          last edited by

          I just updated the client export package and my users disappeared as well. They were there before the update and the users are still in the users page.

          1 Reply Last reply Reply Quote 0
          • johnpozJ Online
            johnpoz LAYER 8 Global Moderator
            last edited by

            So I see there is an update.. so I just updated

            
            >>> Upgrading pfSense-pkg-openvpn-client-export... 
            Updating pfSense-core repository catalogue...
            pfSense-core repository is up-to-date.
            Updating pfSense repository catalogue...
            pfSense repository is up-to-date.
            All repositories are up-to-date.
            The following 1 package(s) will be affected (of 0 checked):
            
            Installed packages to be UPGRADED:
            	pfSense-pkg-openvpn-client-export: 1.3.11 -> 1.3.12 [pfSense]
            
            Number of packages to be upgraded: 1
            
            18 KiB to be downloaded.
            Fetching pfSense-pkg-openvpn-client-export-1.3.12.txz: .. done
            Checking integrity... done (0 conflicting)
            [1/1] Upgrading pfSense-pkg-openvpn-client-export from 1.3.11 to 1.3.12...
            [1/1] Extracting pfSense-pkg-openvpn-client-export-1.3.12: .......... done
            Removing openvpn-client-export components...
            Loading package instructions...
            Saving updated package information...
            overwrite!
            Loading package configuration... done.
            Configuring package components...
            Loading package instructions...
            Custom commands...
            Writing configuration... done.
            >>> Cleaning up cache... done.
            Success
            
            

            And yup looks like all the users are gone… Hmmmm  Let me look to see what could cause that... But looks like might be a bad update??

            Yeah there seems to be something wrong here... I created a new cert and it doesn't show up..

            So this didn't have anything to do with 2.3.2 or going from 2.x etc..  This has to do with this update of the client export package.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 25.07 | Lab VMs 2.8, 25.07

            1 Reply Last reply Reply Quote 0
            • T Offline
              tstorm
              last edited by

              In the client export tab did you click the button save as default? When I did this, all of my clients reappeared.

              1 Reply Last reply Reply Quote 0
              • R Offline
                robina80
                last edited by

                what a dumb arse, i had the user but deleted the user cert, after that when i went back to client exports, the list was there

                1 Reply Last reply Reply Quote 0
                • DerelictD Offline
                  Derelict LAYER 8 Netgate
                  last edited by

                  You're not being dumb.

                  We have all wanted saving those preferences in the exporter. Looks like it's finally happening.

                  Might be a better way to handle that though.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ Online
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    Yeah I like the addition of the default.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 25.07 | Lab VMs 2.8, 25.07

                    1 Reply Last reply Reply Quote 0
                    • Q Offline
                      qinohe
                      last edited by

                      pfSense-pkg-openvpn-client-export: 1.3.12 -> 1.3.13 [pfSense]

                      Just updated, I can export configs again, thanks.

                      But pffft, I thought it was me so I created the whole ca-crt chain again, there are a few, than I saw the update  ::)

                      1 Reply Last reply Reply Quote 0
                      • J Offline
                        JonH
                        last edited by

                        This worked the first time I did it however I decided to go back and make some changes and start all over.

                        Now, the User Cert does not appear in the list at the bottom.  >:(

                        I'm have 1.3.13 installed and a User Certificate.  I have saved the default.
                        It no longer shows up….

                        Maybe I need to delete all the certs, including the CA? 
                        I must be doing something stupid, it should not be this difficult.

                        1 Reply Last reply Reply Quote 0
                        • DerelictD Offline
                          Derelict LAYER 8 Netgate
                          last edited by

                          Depends on what changes you made.

                          It still will not show you users with certificates issued by a CA other than the one set in the server since that wouldn't work anyway.

                          Chattanooga, Tennessee, USA
                          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                          1 Reply Last reply Reply Quote 0
                          • J Offline
                            JonH
                            last edited by

                            I used the Wizard to make the Server and just not going back and looking it make 'remote access' instead of peer/peer. 
                            Must have made mistake in that selection.

                            I'll delete it all and try again tomorrow.

                            1 Reply Last reply Reply Quote 0
                            • DerelictD Offline
                              Derelict LAYER 8 Netgate
                              last edited by

                              Client export is for remote access, not peer-to-peer.

                              Chattanooga, Tennessee, USA
                              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                              Do Not Chat For Help! NO_WAN_EGRESS(TM)

                              1 Reply Last reply Reply Quote 0
                              • J Offline
                                JonH
                                last edited by

                                OK, my bad.
                                What I am trying to do is set up openVPN for access from iPhone (ios)

                                I had it working but with a bunch of questionable errors in the log.
                                I had created my .conf by hand.  I recently read here that the wizard needed to be used to make sure all was properly done.
                                So started over and blew it by choosing peer/peer.  Lesson - don't do this stuff late at night.  :P

                                My mistake was:

                                1. setting up server for peer/peer tls instead of remote tls.
                                2. creating a client, not necessary cause export creates it.  Changing server to 'remote tls' and going directly to client export gives me the missing part of the puzzle.

                                Thanks for pointing me in the right direction.

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.