Closed mimugmail closed 6 years ago
yep .. only using certs and shared key, no user/pw in client config.
If you like I can always offer teamviewer session etc.
ok, thanks, it looks like https://github.com/opnsense/core/blob/870b17e09ef8e97711bc6518e910e7a23c47acdb/src/etc/inc/plugins.inc.d/openvpn.inc#L603 is a bit late to the party here.
If I can test a patch let me know, the client at the production site now uses a different VPN so I can test anytime :)
@mimugmail can you check https://github.com/opnsense/core/commit/9d35f1719896925b774875f266830c3436affdeb ? it looks like client-connect sends the location, which is different then the auth workflow.
It's working great now, thanks! But now with the latest master I can't start clamav anymore .. @fichtner ?
root@pme-fw:~ # /usr/local/etc/rc.d/clamav-clamd start
Starting clamav_clamd.
Illegal option -c
Usage: man opnsense-shell
/usr/local/etc/rc.d/clamav-clamd: WARNING: failed to start clamav_clamd
This is my fault, though I’m not sure WTH is wrong with it. It should first an foremost push a command to su, not a parameter “-c”
You can revert d12a59460 for now
@mimugmail thanks for testing, closing it now.
Works! :)
@AdSchellevis can you check this one? https://forum.opnsense.org/index.php?topic=9322.0
Seems the guys also has a solution but you know better :)
@mimugmail you need the logs to know for sure, if you don't cleanup the cso file, it logically picks it up the next time, but has the disadvantage that the profile used might be different then expected.
To achieve there should be
ifconfig-push Framed-IP-Address Framed-IP-Network
Since ifconfig-push is the same as "IPv4 Tunnel Network" in CSC, the checkbox should disable "IPv4 Tunnel Network" or a if check when enabled to alter the value of "IPv4 Tunnel Network" when set.