Text only | Text with Images

OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: Darkknight on June 08, 2021, 10:48:52 PM

Title: IOS OpenVPN import failure
Post by: Darkknight on June 08, 2021, 10:48:52 PM
Hi,

I've been trying for a few days to get OpenVPN connect to establish a connection with my OPNSense server. The single file export feature does not seem to be creating a ovpn file that is completely compatible with IOS 14. Using the client export wizard, I email myself the file and import it to OpenVPN connect, where by it fails.

Initially it fails with 'Err CA not defined'. I installed the CA cert from OPNsense into IOS and then enabled it separately through settings as indicated in the german posts about this issue from last year. int he english forum someone mentioned that I needed to include the CA cert in the ovpn file using <ca>crt</ca>. I downloaded the public cert for the CA created through the wizard and pasted the key into the ovpn file and imported that. Now I'm getting tls_process_server_certificate:certificate verify failed. Maybe the key is in the wrong format? Honestly have no idea. Someone else mentioned using OpenSSL to transform the key, but it's not clear if I need to do that, or why this whole process is such a pain in the first place.

This is my 3rd attempt full from scratch to get this to work and there is a problem here I'm not understanding.

If you guys have some suggestions on how to resolve this, I would appreciate it.
Title: Re: IOS OpenVPN import failure
Post by: Dakhor on June 15, 2021, 01:01:00 PM
I have the same issue.

I recently moved from pfSense (where this is very easy to do) to OPNsense to "play" around with some of OPNsense features like Zerotier plugin and Sensei NGFW.

I would also appreciate any "guide" on how to ad IOS devices to a OPNsense OpenVPN Server

Cheers

DaC
Title: Re: IOS OpenVPN import failure
Post by: Greelan on June 15, 2021, 01:13:07 PM
Well, there are the docs: https://docs.opnsense.org/manual/how-tos/sslvpn_client.html
Title: Re: IOS OpenVPN import failure
Post by: Dakhor on June 15, 2021, 06:36:38 PM
Yes of course and following this guide does not work for IOS as the app states some garbled error message. OSX and Windows works no problem.

Cheers

DaC
Title: Re: IOS OpenVPN import failure
Post by: hloiter on June 15, 2021, 07:00:15 PM
With this guide I was able to successfully set it up for my iOS clients ....

https://homenetworkguy.com/how-to/configure-openvpn-opnsense/

Cheers

hloiter
Title: Re: IOS OpenVPN import failure
Post by: Dakhor on June 18, 2021, 11:43:50 AM
Just to report I got it working now - I have no idea why it didnt work before, it must have been user error.

I simply used the export client feature with settings set to file only that resulted in a .ovpn config file that I sent to my iPhone and used it in the OpenVPN app - entered user name and password and it worked just fine.

Be sure to select to export the client / user name at the bottom of page not the "server" one.

Cheers

DaC
Text only | Text with Images