[SOLVED] Open VPN no users showing in export

[inc10521]

Hello,

I have used this functionality with version 16.x and that worked fine.
Now i have a new setup with latest version (17.7), created an open vpn server with the wizzard / intern CA etc.
When i create a new user and assign a newly created internal certificate, the user does not show up on the export page.
Also assigning a newly created certificate to an existing user same result.
The export user settings list stays empty...

Am i doing something wrong? Is there new functionality or checkbox i overlooked?

Kind regards and happy with all the help i can get :-)

Marcel

[franco]

Hi Marcel,

It's a setting that's missing for sure.

Did you select "Remote Access" mode in the OpenVPN server settings?


Cheers,
Franco

[inc10521]

I have double checked the settings...
Like the attached snippings ;-)

[franco]

It says "------- CA" and "OpenVPN Server CA", not sure if the same?

[inc10521]

I think i have an idea why this is not working :-)

In pf i had an internal CA server/service.
I assumed when going thru the wizzard i had created an CA.
And when i made User Certs i was assuming they where created from a Request of the internal CA.

I can't find an internal CA (Cert Service) as i used to have in pf :-)
Could that be the reason why?

I have to find a "How to OpenVPN with OPNSense" i think ...

[franco]

The CA in the server must match the CA issuing the client cert, otherwise the exporter won't show the users because they have no matching certs.

I think the process is the same for both senses, with the exporter's user export being particularly picky about the preconditions.


Cheers,
Franco

[inc10521]

Thanks Franco!
I noticed a second CA which i was not aware of.

How can i give you kudo's? ;-)

Kind regards,
Marcel

[franco]

Hi Marcel,

Help someone else some day when you can, that's all.

Marking this solved.


Cheers,
Franco