OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: inc10521 on August 25, 2017, 11:28:46 am

Title: [SOLVED] Open VPN no users showing in export
Post by: inc10521 on August 25, 2017, 11:28:46 am
Hello,

I have used this functionality with version 16.x and that worked fine.
Now i have a new setup with latest version (17.7), created an open vpn server with the wizzard / intern CA etc.
When i create a new user and assign a newly created internal certificate, the user does not show up on the export page.
Also assigning a newly created certificate to an existing user same result.
The export user settings list stays empty...

Am i doing something wrong? Is there new functionality or checkbox i overlooked?

Kind regards and happy with all the help i can get :-)

Marcel
Title: Re: Open VPN no users showing in export
Post by: franco on August 25, 2017, 03:08:00 pm
Hi Marcel,

It's a setting that's missing for sure.

Did you select "Remote Access" mode in the OpenVPN server settings?


Cheers,
Franco
Title: Re: Open VPN no users showing in export
Post by: inc10521 on August 28, 2017, 10:52:27 am
I have double checked the settings...
Like the attached snippings ;-)
Title: Re: Open VPN no users showing in export
Post by: franco on August 28, 2017, 11:22:19 am
It says "------- CA" and "OpenVPN Server CA", not sure if the same?
Title: Re: Open VPN no users showing in export
Post by: inc10521 on August 28, 2017, 12:00:49 pm
I think i have an idea why this is not working :-)

In pf i had an internal CA server/service.
I assumed when going thru the wizzard i had created an CA.
And when i made User Certs i was assuming they where created from a Request of the internal CA.

I can't find an internal CA (Cert Service) as i used to have in pf :-)
Could that be the reason why?

I have to find a "How to OpenVPN with OPNSense" i think ...
Title: Re: Open VPN no users showing in export
Post by: franco on August 28, 2017, 12:34:24 pm
The CA in the server must match the CA issuing the client cert, otherwise the exporter won't show the users because they have no matching certs.

I think the process is the same for both senses, with the exporter's user export being particularly picky about the preconditions. :)


Cheers,
Franco
Title: Re: Open VPN no users showing in export
Post by: inc10521 on September 06, 2017, 11:04:58 am
Thanks Franco!
I noticed a second CA which i was not aware of.

How can i give you kudo's? ;-)

Kind regards,
Marcel
Title: Re: Open VPN no users showing in export
Post by: franco on September 06, 2017, 11:59:56 am
Hi Marcel,

Help someone else some day when you can, that's all. :)

Marking this solved.


Cheers,
Franco