Netgate Discussion Forum

    Site to site VPN - Options error: --auth-user-pass requires --pull

    OpenVPN
    5 Posts 3 Posters 2.1k Views
    • hispeed

      I created a site-to-site OpenVPN tunnel from Pfsense1 to Pfsense2.

      It used to work but it was hard work to get it working with TLS + User Auth. Now I updated both to the latest Pfsense Version and the connection doesn't work anymore.

      I receive this error:

      Jul 21 15:39:55 openvpn 13639 Use --help for more information.
      Jul 21 15:39:55 openvpn 13639 Options error: --auth-user-pass requires --pull

      What information do you need to dive deeper into this? The problem with this error is that it appears when you type in the user and password for "User Auth". If I leave those fields blank (username + password), the VPN connection works fine. So I think the certificates are fine.

      I read all the tutorials and also watched videos, but I did not find any site-to-site tutorial with TLS + User Auth. As always: the only, first and last one on this earth... who tries to get this working.

      I'm talking about this setting on the client side:

      a223fd41-310d-4a83-87bd-7ca0596eb6e0-image.png

      Important: When it's filled out, it doesn't even start to create the VPN tunnel. I don't see any connection on the server side!

      Any help is appreciated.

      • viragomann @hispeed

        @hispeed
        Seems the server isn't expecting the authentication data.
        Is it set in "SSL/TLS + User Auth" mode?

        • hispeed @viragomann

          @viragomann

          Config from the server:
          f10409be-706e-4876-af66-2628ef2396ba-image.png

          eb573ce0-bd34-4099-a213-03892548a0c4-image.png

          Yes, the server should await TLS + User Auth. As I wrote, I think the problem is on the client side because the client doesn't even want to connect when I fill out a password and user.

          • Rico

            Site to Site tunnel does not make any sense with User Auth. This is why the Server Mode is called Remote Access.
            Switch over to Peer to Peer (SSL/TLS) and you'll be fine.

            -Rico
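
The error quoted in the first post comes from OpenVPN's option check at startup, before any packet is sent, which is why nothing appears on the server side. As an added example (not code from this thread or from pfSense), this Python check flags a client config that sets `auth-user-pass` without `pull` or `client`; the sample configs and the `credentials.txt` name are constructed, and it assumes `client` is shorthand for `pull` plus `tls-client`.

```python
import shlex

# Assumption: `client` expands to `pull` + `tls-client`, so either one
# satisfies the requirement behind "--auth-user-pass requires --pull".
ENABLES_PULL = {"pull", "client"}

def directives(config_text):
    """Yield (line_no, name, args) for each directive in an OpenVPN config."""
    inline_end = None  # closing tag of an inline block such as <ca> ... </ca>
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if inline_end:  # skip PEM material inside inline blocks
            if line == inline_end:
                inline_end = None
            continue
        if not line or line[0] in "#;":  # blank line or full-line comment
            continue
        if line.startswith("<") and line.endswith(">"):
            inline_end = "</" + line[1:]
            continue
        tokens = shlex.split(line, comments=True)
        if not tokens:
            continue
        # Config files usually omit the leading "--"; accept both spellings.
        name = tokens[0][2:] if tokens[0].startswith("--") else tokens[0]
        yield line_no, name, tokens[1:]

def check_auth_user_pass(config_text):
    """Return findings for auth-user-pass used without pull/client."""
    seen = {}
    for line_no, name, _args in directives(config_text):
        seen.setdefault(name, line_no)
    if "auth-user-pass" in seen and ENABLES_PULL.isdisjoint(seen):
        return [f"line {seen['auth-user-pass']}: --auth-user-pass requires "
                "--pull (no `pull` or `client` directive in this config)"]
    return []

# Constructed samples: a peer-to-peer style client with credentials filled
# in, and the same client written as a remote-access (`client`) config.
P2P_WITH_USER_AUTH = """\
dev tun
proto udp
remote 198.51.100.10 1194
tls-client
auth-user-pass credentials.txt
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
"""
REMOTE_ACCESS = P2P_WITH_USER_AUTH.replace("tls-client", "client")

if __name__ == "__main__":
    print(check_auth_user_pass(P2P_WITH_USER_AUTH))
    print(check_auth_user_pass(REMOTE_ACCESS))
```
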

            • hispeed @Rico

              @rico

              Sorry, I don't understand why this is not possible or doesn't make any sense.

              1c390efb-8d29-4bee-97e6-e2d4a6a15bf9-image.png

              Peer to Peer = Site to Site
              Remote Access = Client to Server (client = Laptop or device from external network)

              Me: I want to have: Peer to Peer (SSL/TLS + User Auth) <- Does not exist!

              Is this correct?

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.