Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Incorrect tls-auth setting for Peer to Peer SSL/TLS OpenVPN with tls-auth

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jlc
      last edited by

      Hi,

      PFsense 2.1 OpenVPN Client.

      In order to connect to my vpn provider I need to manually change the tls-auth direction in /var/etc/openvpn/client.conf.

      From: tls-auth /var/etc/openvpn/client2.tls-auth 1        To: tls-auth /var/etc/openvpn/client2.tls-auth

      See this for reference:  https://redmine.pfsense.org/issues/1198.

      My question is, How can I have pfsense write the corect line in the client.conf file. I can change the line manually and it works until reboot, I want to make it persistent.

      Thanks

      1 Reply Last reply Reply Quote 0
      • D
        DirtDiver
        last edited by

        I have the same problem with my provider. Did you find a solution to this?

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          You can copy that tls auth key to a file somewhere else (e.g. /root/ta.key) and then use the advanced options box to write your own custom line pointing to the file, and disable the GUI option for TLS. For example

          tls-auth /root/ta.key 0;
          

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • D
            DirtDiver
            last edited by

            Great tip! Worked like a charm. Thanks a lot.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.