Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Migrating OpenVPN settings from 2.2.6 to 2.3

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 2 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Koenig
      last edited by

      How do I migrate OpenVPN settings, certificates and such from my old 2.2.6 setup to my new 2.3 setup as easy as possible?

      There's no "restore" options for the OpenVPN stuff.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        Just restore the entire config. If you only want to restore the OpenVPN portion, you can paste the <openvpn>to</openvpn> part of your config, plus any associated certificates, into the appropriate place in your config backup. Keep in mind that will bypass the config upgrade process, so you'll switch from topology net30 to topology subnet. After restoring it, edit the OpenVPN server instance and change it to net30 if you want to retain the previous behavior.

        1 Reply Last reply Reply Quote 0
        • K
          Koenig
          last edited by

          @cmb:

          Just restore the entire config. If you only want to restore the OpenVPN portion, you can paste the <openvpn>to</openvpn> part of your config, plus any associated certificates, into the appropriate place in your config backup. Keep in mind that will bypass the config upgrade process, so you'll switch from topology net30 to topology subnet. After restoring it, edit the OpenVPN server instance and change it to net30 if you want to retain the previous behavior.

          OK, so I tried pasting everything between <openvpn>and</openvpn> plus all the <cert>…</cert> needed but when I try to import the new config.xml it says "The configuration could not be restored"
          I used Notepad++ on w
          Windows to do all the pasting.

          It seems it does not matter what alteration I do to the config.xml, even if I just open it and alter the LAN IP (192.168.1.1 --> 192.168.2.1, also changing the range for the DCHP to the appropriate) or something like that it still says "The configuration could not be restored"

          1 Reply Last reply Reply Quote 0
          • K
            Koenig
            last edited by

            Tried to use the edit function of the webgui on the config.xml directly, that ended up with a error which locked me out of the WEB-GUI

            Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 1333 Call Stack: 0.0000 234144 1. {main}() /usr/local/www/index.php:0 0.0001 239456 2. require_once('/usr/local/www/guiconfig.inc') /usr/local/www/index.php:73 0.0003 263000 3. require_once('/etc/inc/authgui.inc') /usr/local/www/guiconfig.inc:79 0.0003 263584 4. include_once('/etc/inc/auth.inc') /etc/inc/authgui.inc:55 0.0008 293920 5. get_configured_ip_addresses() /etc/inc/auth.inc:201 0.0010 300224 6. get_configured_interface_list() /etc/inc/util.inc:1402 Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 1333 Call Stack: 0.0000 234144 1. {main}() /usr/local/www/index.php:0 0.0001 239456 2. require_once('/usr/local/www/guiconfig.inc') /usr/local/www/index.php:73 0.0003 263000 3. require_once('/etc/inc/authgui.inc') /usr/local/www/guiconfig.inc:79 0.0003 263584 4. include_once('/etc/inc/auth.inc') /etc/inc/authgui.inc:55 0.0012 299240 5. get_configured_ipv6_addresses() /etc/inc/auth.inc:208 0.0012 299376 6. get_configured_interface_list() /etc/inc/util.inc:1439

            A reboot fixed that though, but I think it reverted to the config I had before since no certificates or VPN-server settings were present.

            1 Reply Last reply Reply Quote 0
            • C
              cmb
              last edited by

              Using Notepad++ should be OK, that's what I usually use on Windows. Some other Windows text editors will change the line endings or split up long lines and break the XML.

              You definitely ended up with an invalid XML file in the process though. The reboot would have reverted to the last valid config.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.