Possible to use directly a .ovpn file without GUI ?



  • Hello,

    i will use pfSense with OpenVPN as a Client, i´ve seen there is actually no function to import existing OpenVPN configurations (*.ovpn) see https://forum.pfsense.org/index.php?topic=90072.msg679864#msg679864

    I would like to have such a possiblity, without entering all required data in the web form, is this feature planned for future @DevTeam? I think its not so complicated to write a PHP upload function and save the file to the specific OpenVPN configuration path?!

    At the moment i have a problem to get started with a given configuration from an VPN provider, because not all entries from the config file can be set directly in pfSense GUI. I tried to compare the output /var/etc/openvpn/client1.conf with the given file, it differs.

    Normally i would use the following command:

    openvpn --config someServer.ovpn
    

    For testing purpose i tried this command on my client with the given config file, but the OpenVPN client on pfSense is using the following config file:

    openvpn --config /var/etc/openvpn/client1.conf
    

    I tried to replace the content with the delivered config file, but on each OpenVPN service start the content will be overriden  >:(
    Where is the call of openvpn command, which sets the static file, at this point i could use another config file?!

    What is the best way to use already existing config files in pfSense?

    Offtopic: Wow, why is the config so unstructered, is it because so historical? In modern applications there configurations based on XML/JSON structure, the is the hard convention, but in the OpenVPN configuration there are really rules, each entry can be written at the beginning or at the end.


  • Rebel Alliance Developer Netgate

    I don't see that being accepted. Something to import an .ovpn to a GUI config, perhaps, but so much relies on configuration directives that we add in, like status monitoring and interface binding/updating that it would be much more complicated than you think to allow completely custom raw configurations.


Log in to reply