Show Posts
1
21.1 Legacy Series / IOS OpenVPN import failure
« on: June 08, 2021, 10:48:52 pm »
Hi,
I've been trying for a few days to get OpenVPN connect to establish a connection with my OPNSense server. The single file export feature does not seem to be creating a ovpn file that is completely compatible with IOS 14. Using the client export wizard, I email myself the file and import it to OpenVPN connect, where by it fails.
Initially it fails with 'Err CA not defined'. I installed the CA cert from OPNsense into IOS and then enabled it separately through settings as indicated in the german posts about this issue from last year. int he english forum someone mentioned that I needed to include the CA cert in the ovpn file using <ca>crt</ca>. I downloaded the public cert for the CA created through the wizard and pasted the key into the ovpn file and imported that. Now I'm getting tls_process_server_certificate:certificate verify failed. Maybe the key is in the wrong format? Honestly have no idea. Someone else mentioned using OpenSSL to transform the key, but it's not clear if I need to do that, or why this whole process is such a pain in the first place.
This is my 3rd attempt full from scratch to get this to work and there is a problem here I'm not understanding.
If you guys have some suggestions on how to resolve this, I would appreciate it.
I've been trying for a few days to get OpenVPN connect to establish a connection with my OPNSense server. The single file export feature does not seem to be creating a ovpn file that is completely compatible with IOS 14. Using the client export wizard, I email myself the file and import it to OpenVPN connect, where by it fails.
Initially it fails with 'Err CA not defined'. I installed the CA cert from OPNsense into IOS and then enabled it separately through settings as indicated in the german posts about this issue from last year. int he english forum someone mentioned that I needed to include the CA cert in the ovpn file using <ca>crt</ca>. I downloaded the public cert for the CA created through the wizard and pasted the key into the ovpn file and imported that. Now I'm getting tls_process_server_certificate:certificate verify failed. Maybe the key is in the wrong format? Honestly have no idea. Someone else mentioned using OpenSSL to transform the key, but it's not clear if I need to do that, or why this whole process is such a pain in the first place.
This is my 3rd attempt full from scratch to get this to work and there is a problem here I'm not understanding.
If you guys have some suggestions on how to resolve this, I would appreciate it.