Can't connect to VPN

Started by mircsicz, May 17, 2016, 06:04:50 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 17, 2016, 06:04:50 PM Last Edit: May 17, 2016, 06:11:29 PM by mircsicz
I've manually converted my pfSense 2.3 Setup on a Version 2 APU to OPNsense. Everything works as expected except the OpenVPN Tunnel's...

I've reimported all the old certificate's but it seem's the CA doesn't recognize the reimported Cert's as member's of itself...



Any hints are welcome
May 17, 2016, 06:17:12 PM #1
Hmm, I would generate new certs on the server and distribute them safely to the clients....
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
May 17, 2016, 06:55:46 PM #2
No chance to go that route, there are client's I can only reach through VPN...
May 17, 2016, 08:06:37 PM #3
Hi there,

If you can provide a server and client cert I will look into it right away. PM or email (franco@project.tdl) for details.

Maybe it's just a fixup of the config that is needed after import, but for the sake of UX, the import should be fixed if possible.


Cheers,
Franco
May 18, 2016, 06:27:24 AM #4
Hey Franco,

it seems you got a typo in your mailadress...
May 18, 2016, 07:54:46 AM #5
Right, I did not want to explicitly name "opnsense.org" for email crawling reasons, sorry. :)
May 18, 2016, 12:26:09 PM #6
LOL & Arghhh

I've created a new CA and a server & client cert. But even that new CA doesn't recognize the 2 certs I created within the Web GUI! So for me it looks like I hit a bug?!?


Sent with Tapatalk from my iOS Device
May 18, 2016, 12:35:13 PM #7
Can you run me through your steps in order to reproduce? I'm seeing created certs in my local install with OpenVPN so far.
May 18, 2016, 06:40:32 PM #8 Last Edit: May 18, 2016, 06:45:44 PM by mircsicz
hi Franco,

dropped you a mail... Let me know if you still need the cert's.
May 18, 2016, 07:34:35 PM #9
At least the cert count issue is fixed. Thanks for your help so far.
May 18, 2016, 08:12:28 PM #10
Thank you so much franco, that kind of trapped me yesterday... I'll upgrade next week and see how that changes the picture!

I'll report back
May 18, 2016, 08:43:01 PM #11
You can patch your running install, the patch is harmless:

# cd /usr/local/www
# fetch https://raw.githubusercontent.com/opnsense/core/7aa0cd11ab/src/www/system_camanager.php


Cheers,
Franco
Print
Go Up Pages1
User actions