OpenVPN Client Export Utility - different config on 1.1.3



  • I've updated my OpenVPN Client Export Utility from previous version (I forgot) to latest one (1.1.3) on pfSense 2.1-RELEASE.
    The configuration in file .opvn is a little bit different.

    Previous:

    dev tun
    persist-tun
    persist-key
    proto tcp-client
    cipher BF-CBC
    tls-client
    client
    resolv-retry infinite
    remote x.x.x.x 443
    tls-remote VPN Server Certificate
    auth-user-pass
    pkcs12 firewall3-TCP-443-x.p12
    tls-auth firewall3-TCP-443-x-tls.key 1
    comp-lzo

    Current:

    dev tun
    persist-tun
    persist-key
    cipher BF-CBC
    auth SHA1
    tls-client
    client
    resolv-retry infinite
    remote x.x.x.x 443 tcp
    verify-x509-name VPN Server Certificate name
    auth-user-pass
    pkcs12 firewall3-TCP-443-x.p12
    tls-auth firewall3-TCP-443-x-tls.key 1
    comp-lzo

    Would somebody fix this?



  • What is there to fix?
    Did it break for you?



  • I get errors on some clients about "verify-x509-name VPN Server Certificate name". When I delete it manually it works.



  • @Rossi:

    I get errors on some clients about "verify-x509-name VPN Server Certificate name". When I delete it manually it works.

    I agree. I'm using the latest version of OpenVPN client from openvpn.net and it won't run if I didn't manually change verify-x508-name into tls-remote.


  • Rebel Alliance Developer Netgate

    There is a choice in the latest version to use tls-remote if you need to.

    If you have issues with verify-x509-name then you are not running an OpenVPN 2.3-based version. Make sure you uninstall OpenVPN and reinstall it again with the most current version. An in-place run of the client would likely skip over the actual install if it already detected OpenVPN present on the system.