There seems to be a bug in the Client export

[MrCCL]

Error from the OpenVPN client log:
"Options error: remote: bad protocol associated with host vpn.wit.dk: 'UDP'"

In 19.1 the Client export write in the ovpn file: "remote xxx.domain.com 1194 UDP"
This must be specified in small cap letters "udp"

[franco]

Thanks, will be fixed in 19.1.1 tomorrow.


Cheers,
Franco

[MrCCL]

Thanks :-)

Another thing that didn't work in the new "new" config file:

Code: [Select]

verify-x509-name "/C=DK/ST=CPH/L=CPH/O=MyDomain/emailAddress=xxx@domain.com/CN=FW1_SRV_CERT" subject
I had to change it back to the old format:

Code: [Select]

verify-x509-name "FW1_SRV_CERT" nameThis one is more complex. It has more dependencies so hard to say if it is bug or just a misconfiguration on my setup (although it was pretty much created by the wizard).

Now that we have the box open:
The OpenVPN Windows client gives an ugly red warning about password is cached in memory and that you should use "auth-nocache". It's my advice it is added by the exporter by default ;-)

[franco]

Please test on 19.1.1 as soon as that's out and raise tickets via GitHub if the issue persists:

https://github.com/opnsense/core/issues

The forum is terrible for following up on potential bugs, but good for quick coordination.


Cheers,
Franco