Bug #12188
openclient export breaks multi remote configurations
Description
https://forum.netgate.com/topic/165560/1-2-bug-client-export-openvpn-ras-udp-server
Hi,
as stated in the above forum post, I suggest a change in the way the client exporter currently forces "explicit exit notify" on all OVPN RAS UDP configs. We have quite a few customers that run more complex OVPN setups with TCP backup configurations in a single file (second "remote <peer> tcp 443" statement in the same file) that break with the current exporter, as it writes the "exit notify" into the file, which won't work with TCP.
So instead of forcing it via
    if (stristr($settings['protocol'], "udp")) {
        $conf .= "explicit-exit-notify{$nl}";
    }
I'd use an additional toggle like the "legacy format" or "random local port" one
    /* Use a random local port, otherwise two clients will conflict if they run at the same time.
       May not be supported on older clients (Released before May 2010) */
    if (($randomlocalport != 0) && (substr($expformat, 0, 7) != "yealink") && ($expformat != "snom")) {
        $conf .= "lport 0{$nl}";
    }
and check for the toggle rather than use it on all UDP-style VPN services. That way, we can make the toggle on by default, but complex setups can disable it, add their additional lines of config in the textbox and save that without generating problems and having to manually edit several dozen files.
Cheers
Jens
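
An added example, not part of the original report or of the export package: a Python check that flags client configs combining a top-level `explicit-exit-notify` with a TCP `remote`, the combination the report describes. The sample config and hostname are constructed, the `remote host port proto` ordering follows OpenVPN's config syntax, and only top-level directives are examined (anything inside `<...>` blocks is skipped).

```python
import re

# Constructed sample: a UDP export with a TCP fallback remote appended by hand.
SAMPLE_BROKEN = """\
# constructed sample, not a real export
client
dev tun
proto udp
remote vpn.example.com 1194 udp
remote vpn.example.com 443 tcp
explicit-exit-notify
"""

def parse_directives(text):
    """Yield (lineno, tokens) for top-level directives; skip comments and inline <blocks>."""
    block = None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if block:
            if line == f"</{block}>":
                block = None
            continue
        m = re.fullmatch(r"<([\w-]+)>", line)
        if m:
            block = m.group(1)
            continue
        if line and line[0] not in "#;":
            yield n, line.split()

def tcp_remotes_with_exit_notify(text):
    """Return [(lineno, host, proto)] for TCP remotes in a config that sets explicit-exit-notify."""
    default_proto, remotes, notify = "udp", [], False  # OpenVPN defaults to UDP
    for n, tok in parse_directives(text):
        if tok[0] == "proto" and len(tok) > 1:
            default_proto = tok[1]
        elif tok[0] == "remote" and len(tok) > 1:
            # remote host [port] [proto]; a missing proto falls back to the global one
            remotes.append((n, tok[1], tok[3] if len(tok) > 3 else None))
        elif tok[0] == "explicit-exit-notify":
            notify = True
    if not notify:
        return []
    resolved = [(n, host, (proto or default_proto).lower()) for n, host, proto in remotes]
    return [r for r in resolved if r[2].startswith("tcp")]

if __name__ == "__main__":
    for lineno, host, proto in tcp_remotes_with_exit_notify(SAMPLE_BROKEN):
        print(f"line {lineno}: remote {host} uses {proto} but explicit-exit-notify is set")
```
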