OpenVPN why so hard to download config file?
-
Its a easy way to download config file to server pfsense?
-
(yourpfsense)/diag_backup.php
You restore all or just parts of the configuration on that pageSorry- didnt read your title close enough/
-
But its XML file not a CA or /key or server.ovpn
I find it out: Client Export
-
Because pfSense is designed to maintain OpenVPN via the WebGUI.
If you want to look at the raw configuration files, they are in /var/etc/openvpn.
You can use Diagnostics > Edit file or Diagnostics > Command Prompt, Download File, or use sftp, or scp or vi in ssh whatever to transfer them off, examine them.
It is not hard, but not necessarily supported either.
-
Its works to download ca files, and cer .pem,key i use file under command.
But the most important one did not works .ovpn.
I have a lot issue with linux and VPN, its works better with windows.
-
You installed the package "openvpn-client-export" ?
With that package you export the .opvn file, import it somewhere else and hop, it works -
Its did not help, but i find out a youtube video:
https://www.youtube.com/watch?v=dBOQnApxzzQI guess that may works better.
But its look that is for windows\android. -
Youtube ?
Use the official Netgate channel. There are OpenVPN videos.
-
https://www.youtube.com/watch?v=lp3mtR4j3Lw
this one is the only one.
I think the other video is more to help:
https://www.youtube.com/watch?time_continue=1&v=kK29dMnRDC8did you think pfsense only set local not access from local internet as default?
-
@lmh1 said in OpenVPN why so hard to download config file?:
this one is the only one.
Noop.
Check again : take the entire list https://www.youtube.com/channel/UC3Cq2kjCWM8odzoIzftS04A/videos and do a Ctrl-F. All OpenVPN questions are being discussed.
-
Still did not get it to works:
PHP errors PHP ERROR: Type: 1, File: /usr/local/share/openssl_x509_crl/X509_CERT.php, Line: 56, Message: Uncaught Error: Call to a member function findContext() on null in /usr/local/share/openssl_x509_crl/X509_CERT.php:56 Stack trace: #0 /usr/local/share/openssl_x509_crl/X509_CRL.php(100): Ukrbublik\openssl_x509_crl\X509_CERT::getExtVal_Subject('') #1 /etc/inc/certs.inc(1000): Ukrbublik\openssl_x509_crl\X509_CRL::create(Array, Resource id #80, false) #2 /etc/inc/openvpn.inc(1181): crl_update(Array) #3 /etc/inc/openvpn.inc(1320): openvpn_reconfigure('client', Array) #4 /etc/inc/openvpn.inc(2091): openvpn_restart('client', Array) #5 /etc/inc/service-utils.inc(806): openvpn_restart_by_vpnid('client', '3') #6 /usr/local/www/status_services.php(41): service_control_restart('openvpn', Array) #7 {main} thrown @ 2019-05-13 17:31:00
-
It might help if you don't title your posts why so hard to
-
@lmh1 said in OpenVPN why so hard to download config file?:
Its a easy way to download config file to server pfsense?
So your trying to download some vpn services ovpn file to pfsense directly via cli??
????
your wanting ot use vpn service X.. Then download the file they give you - open it up and put the info into the openvpn client gui settings.
It will take you all of 2 minutes to setup, and is a 1 time thing... Which vpn service are you trying to connect too... Can almost bet they have specific instructions for pfsense..
-
Its more way to download it ( OpenVPNClient Export Utility)
If a client is missing from the list it is likely due to a CA mismatch between the OpenVPN server instance and the client certificate, the client certificate does not exist on this firewall, or a user certificate is not associated with a user when local database authentication is enabled. OpenVPN 2.4 requires Windows Vista or later The "win6" Windows installers include the tap-windows6 driver which requires Windows Vista or later. The "XP" Windows installers work on Windows XP and later versions.
What is needed or not with openVPN setting?
OpenVPN Servers
WAN UDP / 1194
WAN TCP / 1195
Did firewall need to be setup, its show its do it automatic if i select that.
But worst of all, pfsense did not check that i selected is correct, its easy to see in DNS Dynamic DNS Clients if name is wrong i did not get error message only without ip adress, but that is fixed.Can someone explan:
Status OpenVPN
[error] Unable to contact daemon Service not running? 0 0 B / 0 B -
Dude I can not tell what your even trying to do... Are you wanting to run openvpn on pfsense and have your clients connect, or you trying to get pfsense connected to some vpn service?
To get a road warrior to connect to vpn server you run on pfsense - run through the wizard. Install the export client and export the correct ovpn file or exe for your client.. Its that simple..
-
I try to set up openVPN server, to run with DNS name, from https://www.noip.com/
That know its works, but i did not understand why its need that? And how to connect.
I have before issue with netgear AD7200 netgear openvpn serverSo i guess its not more easy to do that with PFsense.
May explan why its not use email signing?So its be more easy?
Or why pfsense did make this more easy? -
I'm done... How hard is it to download a ovpn file from a gui??
Your asking why the admin has pick from a drop down on what should be in the ovpn file for resolution???
-
I did not get openvpn files.
Open VPN server:
WAN UDP / 1194 10.0.8.0/24
fe80::/64 Crypto: AES-128-CBC/SHA256
D-H Params: 2048 bits remote access (tun)
WAN UDP4 / 1195 10.1.8.0/24
Crypto: AES-128-CBC/SHA256
D-H Params: 2048 bits openvpnserver (tun)client:
WAN UDP 10.0.8.0:1195
WAN UDP 10.1.8.0:1194Is this correct config, or did it give issue?
I only get:
OpenVPN Clients
User Certificate Name ExportIf a client is missing from the list it is likely due to a CA mismatch between the OpenVPN server instance and the client certificate, the client certificate does not exist on this firewall, or a user certificate is not associated with a user when local database authentication is enabled.
OpenVPN 2.4 requires Windows Vista or later
The "win6" Windows installers include the tap-windows6 driver which requires Windows Vista or later.
The "XP" Windows installers work on Windows XP and later versions.no files config.
-
If you need help setting up vpn server on pfsense - I suggest you read the docs, or ask in your native language section...
https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html
I still for the life of me can not figure out what your trying to do...
If your trying to create a openvpn server - then run through the wizard... It takes all of 2 freaking seconds..
If you do not see a client for export - they you prob never created the users cert signed by the ca your using for openvpn
That is what this is saying
"If a client is missing from the list it is likely due to a CA mismatch between the OpenVPN server instance and the client certificate, the client certificate does not exist on this firewall, or a user certificate is not associated with a user when local database authentication is enabled."Is the pfsense web gui not set for your native language? Set the gui language to your native - it might be helpful!!!
-
Yes its on norwegian but that is not the biggest issue, the biggers issue is that software did not give corrrect error message. And documents is hard to understand what is wrong.
they you prob never created the users cert signed by the ca your using for openvpn
But can you show that.
I did not find a way to add certifiate to a user.
its only email not username in CA.
https://www.youtube.com/watch?v=vZpAIKJ9jyADid you also know if some packages that you install mess up this system, in yesterday i need to reset to default setting becauce i install some packes for trying but its give debug issue php files corrupt.
So why did pfsense add poor packages that mess up this system? Its poor.