Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN client-connect script: "mode server required" ?

    Scheduled Pinned Locked Moved
    OpenVPN
    2
    7
    3.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NDev
      last edited by

      Hello!

      Im new to pfsense, and i just setup pfsense 2.4.4-RELEASE amd64.
      So far everything is working like a charm.
      I seriously love this firewall already! - Lots of advanced stuff and options!

      OpenVPN is also working and performing well, but i'd like to use the "client-connect" parameter to run a script to mount Windows shares on connect.
      But it always fails when i add it. The log says:

      Options error: --client-connect requires --mode server

      But "mode server" doesn't sound like the correct mode for a windows SSL VPN client, right?
      I see the topic has been discussed here:
      https://forum.netgate.com/topic/45652/openvpn-problems
      But that thread wasnt helpful in my case.

      Is there other option i am missing? Or do i really have to make it "mode server" for some reason?

      here is my client config:

      dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA256
tls-client
client
resolv-retry infinite
remote myDomain.org 1194 udp
auth-user-pass
ca mars-UDP4-1194-ca.crt
tls-auth mars-UDP4-1194-tls.key 1
remote-cert-tls server
script-security 3
client-connect C:\\openvpn-scripts\\up.bat
client-disconnect C:\\openvpn-scripts\\down.bat

      Thanks in advance
      ND

      1 Reply Last reply Reply Quote 0
      • PippinP
        Pippin
        last edited by

        So, you are on Windows running a client to pfSense.
        You are in the wrong forum if that is the case.

        Here is a post I wrote on a Dutch form that describes what you need,
        can use an online translator:
        https://www.synology-forum.nl/vpn-server/openvpn-9-automatisch-share(s)-(ont)koppelen/msg225285/#msg225285

        I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
        Halton Arp

        1 Reply Last reply Reply Quote 0
        • N
          NDev
          last edited by

          Hi Pippin!

          I used the installer-package on the windows-client, that was generated by pfsense itself. So i guess im in the right Forum :)

          Thanks for your link.
          But what u describe is just what i have configured.
          I still get the same error with this.

          Any other suggestions?
          ND

          PippinP 1 Reply Last reply Reply Quote 0
          • PippinP
            Pippin @NDev
            last edited by

            @ndev said in OpenVPN client-connect script: "mode server required" ?:

            But what u describe is just what i have configured.

            No it's not, please try to read carefully.

            I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
            Halton Arp

            1 Reply Last reply Reply Quote 0
            • PippinP
              Pippin
              last edited by

              You want to run a script as a client, that's why:

              Options error: --client-connect requires --mode server

              See now?

              I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
              Halton Arp

              1 Reply Last reply Reply Quote 0
              • N
                NDev
                last edited by

                Yep you are right!
                I seen it now. client-connect is the wrong option in this case, its simply "up".
                I changed it now and its working.

                Thanks!
                Regards , ND

                1 Reply Last reply Reply Quote 0
                • PippinP
                  Pippin
                  last edited by

                  Welcome.

                  I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
                  Halton Arp

                  1 Reply Last reply Reply Quote 0
                  • GertjanG Gertjan referenced this topic
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.