Hi there,
so I've got a working ovpn server (legacy!) and, coming with 24.1, its menu entry is now flagged as "legacy". So I decided to give the new instance GUI a try.
Currently I've set up various rules under Firewall > Rules > OpenVPN that are working (yes, I can see them under Firewall > Log Files > Live View (e.g.)). Although I've never set up an IF for ovpn via Interfaces > Assignments, I always had that particular menu entry as described earlier.
So, back to topic. I've set up the instance, exported the ovpn profile and I'm able to connect. I can see the client under VPN > OpenVPN > Connection Status and an IP address that is within the specified IP-range.
But... now the FW rule menu entry is gone and my client is not able to do anything. I understand this behavior as it's "block everything" by default.
My question now is, how do I get this working? Do I have to manually assign an IF for the new instance and create new rules for ovpn from scratch?
Many thanks for your time!
Normally, all OpenVPN interfaces are grouped as "OpenVPN" and you can simply write an allow rule for the OpenVPN client traffic. If this doesn't work, you might have found a bug and should report it here: https://github.com/opnsense/core/issues
Hi there, thanks for the confirmation (regarding the grouping of ovpn IFs).
Got it working after installing 24.1.1 (I doubt that's the reason, because looking into https://forum.opnsense.org/index.php?topic=38644.0, the only ovpn-relevant change has nothing to do with my reported issue).
Tbh, didn't change my "approach": deactivate old "server" -> set up new "instance" -> export profile -> activate "instance" -> connection / accessibility checks.
Again, thanks for your time, cs1!