Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Migrating OpenVPN settings from 2.2.6 to 2.3

    General pfSense Questions
    2
    5
    1265
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Koenig last edited by

      How do I migrate OpenVPN settings, certificates and such from my old 2.2.6 setup to my new 2.3 setup as easy as possible?

      There's no "restore" options for the OpenVPN stuff.

      1 Reply Last reply Reply Quote 0
      • C
        cmb last edited by

        Just restore the entire config. If you only want to restore the OpenVPN portion, you can paste the <openvpn>to</openvpn> part of your config, plus any associated certificates, into the appropriate place in your config backup. Keep in mind that will bypass the config upgrade process, so you'll switch from topology net30 to topology subnet. After restoring it, edit the OpenVPN server instance and change it to net30 if you want to retain the previous behavior.

        1 Reply Last reply Reply Quote 0
        • K
          Koenig last edited by

          @cmb:

          Just restore the entire config. If you only want to restore the OpenVPN portion, you can paste the <openvpn>to</openvpn> part of your config, plus any associated certificates, into the appropriate place in your config backup. Keep in mind that will bypass the config upgrade process, so you'll switch from topology net30 to topology subnet. After restoring it, edit the OpenVPN server instance and change it to net30 if you want to retain the previous behavior.

          OK, so I tried pasting everything between <openvpn>and</openvpn> plus all the <cert>…</cert> needed but when I try to import the new config.xml it says "The configuration could not be restored"
          I used Notepad++ on w
          Windows to do all the pasting.

          It seems it does not matter what alteration I do to the config.xml, even if I just open it and alter the LAN IP (192.168.1.1 --> 192.168.2.1, also changing the range for the DCHP to the appropriate) or something like that it still says "The configuration could not be restored"

          1 Reply Last reply Reply Quote 0
          • K
            Koenig last edited by

            Tried to use the edit function of the webgui on the config.xml directly, that ended up with a error which locked me out of the WEB-GUI

            Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 1333 Call Stack: 0.0000 234144 1. {main}() /usr/local/www/index.php:0 0.0001 239456 2. require_once('/usr/local/www/guiconfig.inc') /usr/local/www/index.php:73 0.0003 263000 3. require_once('/etc/inc/authgui.inc') /usr/local/www/guiconfig.inc:79 0.0003 263584 4. include_once('/etc/inc/auth.inc') /etc/inc/authgui.inc:55 0.0008 293920 5. get_configured_ip_addresses() /etc/inc/auth.inc:201 0.0010 300224 6. get_configured_interface_list() /etc/inc/util.inc:1402 Warning: Invalid argument supplied for foreach() in /etc/inc/util.inc on line 1333 Call Stack: 0.0000 234144 1. {main}() /usr/local/www/index.php:0 0.0001 239456 2. require_once('/usr/local/www/guiconfig.inc') /usr/local/www/index.php:73 0.0003 263000 3. require_once('/etc/inc/authgui.inc') /usr/local/www/guiconfig.inc:79 0.0003 263584 4. include_once('/etc/inc/auth.inc') /etc/inc/authgui.inc:55 0.0012 299240 5. get_configured_ipv6_addresses() /etc/inc/auth.inc:208 0.0012 299376 6. get_configured_interface_list() /etc/inc/util.inc:1439

            A reboot fixed that though, but I think it reverted to the config I had before since no certificates or VPN-server settings were present.

            1 Reply Last reply Reply Quote 0
            • C
              cmb last edited by

              Using Notepad++ should be OK, that's what I usually use on Windows. Some other Windows text editors will change the line endings or split up long lines and break the XML.

              You definitely ended up with an invalid XML file in the process though. The reboot would have reverted to the last valid config.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy