Jump to content
Not connected, Your IP: 3.15.2.239
juniormaxx

ANSWERED New config files don't seem to work on pfsense V2.3.4

Recommended Posts

my internet wasn't working so i downloaded a new config file and after entering in the new IP address i can't access the internet.
there seems to be new data on the file.  do i need to go and change settings to get it working?

this was from the original file.

resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
route-delay 5
verb 3
explicit-exit-notify 5
push-peer-info
setenv UV_IPV6 yes
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1
<ca>

this is what's in the new file.

 

resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
explicit-exit-notify 5
push-peer-info
setenv UV_IPV6 yes
remote-cert-tls server
comp-lzo no
data-ciphers CHACHA20-POLY1305:AES-256-GCM:AES-256-CBC:AES-192-GCM:AES-192-CBC:AES-128-GCM:AES-128-CBC
data-ciphers-fallback AES-256-CBC
proto udp
auth SHA512
<ca>


it also looks as if the key has changed.

hope someone can help me out.

Share this post


Link to post

That's an old pfsense (with an old version of openvpn in it) but you may be downloading a config that's made for newer versions of openvpn.

Share this post


Link to post

the version works great, i've left it this way cause any time i updated it had a lot of problems.  so i guess i've got no choice but to update.
thanks for your input.

Share this post


Link to post
9 hours ago, juniormaxx said:

the version works great, i've left it this way cause any time i updated it had a lot of problems.  so i guess i've got no choice but to update.
thanks for your input.


first verify what I've said - that the configs are made for a newer version of openvpn than is on the machine.  maybe there's a choice of configs or you can make a slight change and it'll work

Share this post


Link to post

Hello!

For the readers: the problem was caused by OpenVPN 2.5 configuration files used on OpenVPN 2.3.
Remember that OpenVPN 2.5 profiles broke backward compatibility with the addition of new directives and other modifications. If you need a file for OpenVPN 2.3 and 2.4 you must tell the Configuration Generator to generate a profile for OpenVPN 2.4 by setting "OpenVPN Type" comb box to the proper version. In case of OpenVPN 2.3 you must also take care to connect to entry-IP address 1 (ONE) because OpenVPN 2.3 supports only tls-auth, which is NOT offered on entry-IP addresses 3 and 4.

If you have the chance to do so, anyway, please consider to drop obsolete OpenVPN versions and upgrade.

Kind regards

Config_Generator_screenshot.thumb.png.919cb2f5b00f51775209ce9ad73c024f.png
 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...