Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - 127.0.0.1

Pages1
#1
Virtual private networks / Client export not working
September 05, 2022, 10:43:21 AM
Hi, I'm running OPNSense and using OpenVPN on it. It's been working fine for a few years. Recently the local CA on it I created expired. I created a new CA on it, and any existing users I just re-created their certificates for them using this new CA, and it seems to work fine.

I have hit a problem though, when I create a new users, and I go to download their cert from:

VPN | Open VPN | Client export

The user/cert does not show up here at all.

Something else I noticed was that for the existing users I re-created the certs for, they don't show up as "linked user" in that same section anymore. I can download the cert from there for the user, but it doesn't show "linked user" in the right hand column.

I'm running 22.1.4_1

Any suggestions welcome. I can't create new users at this point.

Thanks in advance
#2
General Discussion / Re: Can't login as root
September 17, 2020, 10:19:08 AM
Many thanks for the answers. SSH and the admin port are locked down and not accessible from external so there is less of a risk. It's good to know there are options but I will probably leave it on 2FA for now then.

Thanks
#3
General Discussion / Re: Can't login as root
September 15, 2020, 02:48:51 PM
Thanks for all the responses.

@fmustafa
I have tried to use the Tester as suggested "System: Access: Tester" When I test root with local DB I get auth successful so the password is definitely correct. If I try log in as root via SSH or the GUI It says incorrect details.

@errored out
I don't think it's setup for 2FA for the root user because under the root user profile it shows nothing in the GUI section for 'OTP Seed'

Saying that I found this article which mentions :  "System ‣ Settings ‣ Administration, section Authentication you should change this to your newly added authentication server to make sure no local user can gain access without 2FA"

https://docs.opnsense.org/manual/how-tos/two_factor.html

I assume that applies to the root account also? Is there a way to not have root as 2FA? (To only be used in case of emergency if there is a problem with 2FA)

Thanks






#4
General Discussion / Can't login as root
September 11, 2020, 01:35:05 PM
I have an Opnsense firewall configured for OpenVPN VPN access with the users configured for 2FA. All is working as expected.

Previously the root account was disabled (I didn't set up the appliance so it was done by someone else) I am now trying to enable the root account again to be used in emergency situation only.



- I re-enabled the root account again under 'system | access | users'
- I have reset the password to one I know.
- Under 'Systems | Settings | Administration' I have made sure that ' Permit root user login ' is checked.


I still don't seem to be able to login with the root account via the administration GUI. The error is:

'Wrong username or password'

Any suggestions?

Thanks
Pages1