Project

General

Profile

Bug #9674

hidden OpenVPN settings are validated and written to file

Added by Wayne Marsh 4 months ago. Updated about 2 months ago.

Status:
Feedback
Priority:
Normal
Category:
OpenVPN
Target version:
Start date:
08/06/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
Affected Architecture:

Description

I had two instances where configurations not visible on the OpenVPN server creation window were affecting saving the server and the running of the server.

I am configuring a client and server for "peer to peer ( pre-shared key )" on two separate pfSense installations. The first issue arose while configuring the client.

Client issue:
The authentication username and password on the "peer to peer ( tls/ssl )" server mode option. The password did not match so it would not save. Checking server mode to "peer to peer ( pre-shared key )" to "peer to peer ( tls/ssl )" made the username and password fields available. Clearing out these, allowed me to save the client.

Server issue:
This was regarding the "duplicate-cn" option in the /var/etc/openvpn/server1.conf. Again, server mode was configured for "peer to peer ( pre-shared key )" however, the "Duplicate Connection" checkbox visible in the "peer to peer ( tls/ssl )" server mode configuration screen was checked. I changed the server mode to "peer to peer ( tls/ssl )", unchecked the checkbox. Once I set the server mode back to "peer to peer ( pre-shared key )" and saved it, the server daemon started without issue.

Associated revisions

Revision 4d29b2de (diff)
Added by Renato Botelho about 2 months ago

Ticket #9674: Do not check password when using shared key

Revision 4e42da90 (diff)
Added by Renato Botelho about 2 months ago

Fix #9674: Do not set duplicate-cn in p2p_shared_key mode

Revision 743d7fc4 (diff)
Added by Renato Botelho about 2 months ago

Ticket #9674: Do not check password when using shared key

Revision 2db1578d (diff)
Added by Renato Botelho about 2 months ago

Fix #9674: Do not set duplicate-cn in p2p_shared_key mode

History

#1 Updated by Jim Pingle 3 months ago

  • Project changed from pfSense Packages to pfSense
  • Category set to OpenVPN
  • Target version set to 2.5.0

#2 Updated by Renato Botelho about 2 months ago

  • Assignee set to Renato Botelho

#3 Updated by Renato Botelho about 2 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

Also available in: Atom PDF