Text only | Text with Images

OPNsense Forum

English Forums => 24.7, 24.10 Legacy Series => Topic started by: Arno on November 18, 2024, 12:19:02 PM

Title: VPN Provider - How to go from legacy client to client instance
Post by: Arno on November 18, 2024, 12:19:02 PM
Hi everyone,

For my internet access I use a well known OpenVPN provider. Muliple legacy clients (for multiple countries) are configured. Works fine. How do I go from legacy clients to client instances?
Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: DEC670airp414user on November 18, 2024, 01:23:41 PM
Follow the same steps.    I've moved entirely to instances and have noticed a slight performance increase
Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: Arno on November 18, 2024, 05:56:42 PM
Do I have to use the Authority of the VPN provider? Can't select it in the Trust section when creating a client instance.

Role: Client
Protocol: UDP
Type: TUN
Remote; <vpnserver>:<port>
User: xxxxx
Password: xxxxx

What else?
Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: DEC670airp414user on November 18, 2024, 10:07:52 PM
Yeah everything you used before

VPN- openvpn- instances - static keys lists auth
Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: dseven on November 18, 2024, 11:13:48 PM
One thing I've not found a way to do with OpenVPN instances is specify "data-ciphers". I occassionally use a VPN provider that's probably not keeping their server side up to date, and requires AES-256-CBC. I can hack around it with Advanced configuration in legacy clients, but that mechanism (custom options) is not available with instances, as apparently it's been deemed insecure.
Text only | Text with Images