OpenVPN config export what is login??
-
I'm not an expert on OpenVPN, so I feel like something isn't right with what I've setup here.
I used the wizard to setup the server, and created 2 users. One is a user for myself, the other is a user for an external server I want to create a persistent tunnel with.
I started testing with my user account on my laptop. But then ran into the same problem on this server when attempting to do the same thing:
[myuser]@[myserver]:/etc/openvpn$ sudo openvpn /etc/openvpn/pfsense-udp-1194/pfsense-udp-1194.ovpn Sun Jan 1 22:38:15 2012 OpenVPN 2.1.0 x86_64-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010 Enter Auth Username:******* Enter Auth Password: Sun Jan 1 22:38:21 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Sun Jan 1 22:38:21 2012 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page). Sun Jan 1 22:38:21 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Sun Jan 1 22:38:21 2012 Error opening file pfsense-udp-1194.p12 (OpenSSL) Sun Jan 1 22:38:21 2012 Exiting
I cannot figure out the correct username and password to open this .p12 file. I tried the login for the user as created on the local database on the pfsense router, I've tried other accounts, I've tried other possible variations that I considered possibilities… nothing works. I've also tried blank username, blank passwords, etc... but that went nowhere, too.
I FINALLY got it working on my laptop, but I had to export a viscosity configuration, and install that (which is only a 30-day trial). I guess that export was configured with no password on the .p12 file.
Help! Maybe my configuration is too locked down, but maybe it's just standard. I don't know a whole lot about OpenVPN, admittedly.
-
In general there is no password for the .p12 file as long as you did not enter one.
Did you use the "Client Export Utility" to export the client configuration + cert ?If yes, there is an option which is by default unchecked:
"Use a password to protect the pkcs12 file contents or key in Viscosity bundle."I have to mention that I do not use the wizard to create an OpenVPN server but there should not be any difference.
-
Thanks for the reply.
Yes, I used the exporter, and I had that option deselected (as was the default). Something must be wrong with the exporter then. Hmmm
-
The export utility is working fine. I tried it today on a VM with pfsense 2.0.1 amd64 - but without the wizard.
Delete the OpenVPN server and try again with the wizard or without the wizard.