OPNsense Forum

Archive => 19.1 Legacy Series => Topic started by: Tubs on May 11, 2019, 03:14:27 pm

Title: openvpn client export not working
Post by: Tubs on May 11, 2019, 03:14:27 pm

Hello,

after my issue with nginx if solved, I am faced with the next issue in OPNsense 19.1.7. The openvpn client export is not working. openvpn is set-up acc. wiki as road warrior. Certs for server and client are created by OPNsense CA. But when I now go to --> VPN --> Clientexport and press the button next to the user nothing happens. The browser shows loading activity for a while, but no file is coming. In the log files I cannot find any error.

Is there cli command to create the ovpn file instead of GUI?

Title: Re: openvpn client export not working
Post by: bartjsmit on May 11, 2019, 07:34:59 pm

You can construct the ovpn client files from the skeleton below.

VPN, OpenVPN, servers, edit your server to find the cipher, auth, and TLS authentication.

System, Trust, Certificates to find the CN of the server certificate. Use the export buttons to get the server cert, and each user's cert and key.

Bart...

persist-tun
persist-key
cipher AES-128-CBC
auth SHA256
tls-client
client
remote <your.server.fqdn> 1194 udp
lport 0
verify-x509-name "OPNsense Cert" name
auth-user-pass
remote-cert-tls server
<ca>
Base64 text of your OPNsense CA cert
</ca>
<cert>
Base64 text of the user cert
</cert>
<key>
Base64 text of the user key
</key>
<tls-auth>
Copy of the TLS key Base64 from your OpenVPN server page
</tls-auth>
key-direction 1

Title: Re: openvpn client export not working
Post by: Tubs on May 12, 2019, 01:09:06 pm

Thank you,

with a manual set-up I got it run.
But still I believe, if there is an export function implemented it should work.