OpenVPN client specific override Error?
-
Hello,
I am trying to follow the guide below to configure a single multi-purpose openvpn instance.
https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configuring-a-single-multi-purpose-openvpn-instance.htmlHowever, when I create the client specific override, it looks like Pfsense deletes it after i click save? I don't see what I created under the client specific override tab.
I then notice that there is a notification that says "PfSenseConfigurator
pfSense is restoring the configuration /cf/conf/backup/config-1586591.xml @ 2020-04-13 16:00:41"Does anyone have any advice?
- Victoria
-
I never had this error but assume you are filling special/international characters in the CSO fields?
-Rico
-
screenshots of the Client Spec Override please
-
@Rico I'm not really sure. I am just trying to follow the guide by netgate. I am thinking what it says to paste in the Advanced section counts as special characters?
-
"10.33.x.0" is no valid network...
You can use the IPv4 Tunnel Network box in CSO to push the route(s) anyway which would be the better solution.-Rico
-
@Rico Oh! I'll look into the IPv4 Tunnel Network box.
I did change the route to push"route 10.33.127.0 255.255.255.0" but got the same outcome.Thank you.
-
the only IPs you have to set in openVPN Server are here (and afaik no where else)
show the config of your setting openVPN (screenShot) and of client specific override
-
@noplan Ah maybe that's my issue. I haven't set a DNS or NTP Server
This is what i Have as my ipv4 tunnel network
-
dns is nice
ntp not nescessarymy point was that you do not need more IPs than those
out of the blue is your openVPN tunnel workin without client spec override ?
what is workin and what is the issue ?
-
@noplan
Thanks for the info.
I've never worked with client spec override. I am trying to set it up.
The issue is that when I go to save what I enter it seems to go missing.
If I go back to look at the changes I save, it is empty under the Client Specific Overrides tab.
Is that normal?
-
only things to choose n use for qnD
pre requirements (ad user and cert are all done and a client can connect and openVPN is wrokin)
put here the IP for the override in CIDR format
optional depends on your settings
if you believe me that i#m right if not not nescessary to fill some in
-
Whops, sorry to say I told you the wrong CSO box (already had my 10 hrs workday ;-)). Correct is IPv4 Local Network/s and NOT IPv4 Tunnel Network.
But mostly you would define the networks/routes to push in the Server configuration.-Rico
-
@Rico
word! i do not need to unserstand why i would do this ;)
CSO local networks but here in ausrtia a lot of things are possible ;)
