Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Client Export Utility - different config on 1.1.3

    Scheduled Pinned Locked Moved pfSense Packages
    5 Posts 4 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      agismaniax
      last edited by

      I've updated my OpenVPN Client Export Utility from previous version (I forgot) to latest one (1.1.3) on pfSense 2.1-RELEASE.
      The configuration in file .opvn is a little bit different.

      Previous:

      dev tun
      persist-tun
      persist-key
      proto tcp-client
      cipher BF-CBC
      tls-client
      client
      resolv-retry infinite
      remote x.x.x.x 443
      tls-remote VPN Server Certificate
      auth-user-pass
      pkcs12 firewall3-TCP-443-x.p12
      tls-auth firewall3-TCP-443-x-tls.key 1
      comp-lzo

      Current:

      dev tun
      persist-tun
      persist-key
      cipher BF-CBC
      auth SHA1
      tls-client
      client
      resolv-retry infinite
      remote x.x.x.x 443 tcp
      verify-x509-name VPN Server Certificate name
      auth-user-pass
      pkcs12 firewall3-TCP-443-x.p12
      tls-auth firewall3-TCP-443-x-tls.key 1
      comp-lzo

      Would somebody fix this?

      1 Reply Last reply Reply Quote 0
      • GruensFroeschliG
        GruensFroeschli
        last edited by

        What is there to fix?
        Did it break for you?

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • R
          Rossi
          last edited by

          I get errors on some clients about "verify-x509-name VPN Server Certificate name". When I delete it manually it works.

          1 Reply Last reply Reply Quote 0
          • A
            agismaniax
            last edited by

            @Rossi:

            I get errors on some clients about "verify-x509-name VPN Server Certificate name". When I delete it manually it works.

            I agree. I'm using the latest version of OpenVPN client from openvpn.net and it won't run if I didn't manually change verify-x508-name into tls-remote.

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              There is a choice in the latest version to use tls-remote if you need to.

              If you have issues with verify-x509-name then you are not running an OpenVPN 2.3-based version. Make sure you uninstall OpenVPN and reinstall it again with the most current version. An in-place run of the client would likely skip over the actual install if it already detected OpenVPN present on the system.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.