OpenVPN Client service failed to start.

rwendt

Hi, I've been trying to set up my VPN provider privatevpn.com on TrueNAS-SCALE-22.02.4.

I had issues adding the CA cert because of the KeyUsage errors others on the forums had. I decided not to use the CA in the drop-down and to add an additional parameter to the client config. The UI accepts this, but when I go to start the service I get this error. It seems as though the client.conf is never generated.

Code:
remote-cert-tls server
rwendt@truenas:/var/log$ sudo midclt call openvpn.client.config | jq .
[sudo] password for rwendt:
{
  "id": 14,
  "port": 1194,
  "protocol": "UDP",
  "device_type": "TUN",
  "nobind": true,
  "authentication_algorithm": "SHA256",
  "tls_crypt_auth": "-----BEGIN OpenVPN Static key V1-----\nf035a3acaeffb5aedb5bc920bca26ca7\nac701da88249008e03563eba6af6d262\n5ac8ba1e5e0921f76be004c24ae4fd43\ne42caf0f84269ad44d8d4c14ba45b138\n6f251c7330d8cc56afd16d5168356456\n51ef7e87a723ac78ae0d49da5b2f2d78\nceafcff7a6367d0712628a6547e5fc8f\nef93c87f7bcd6107c7b1ae68396e944a\nadae50111d01a5d0c67223d667bdbf1b\nf434bdef03644ecc5386e102724eef38\n72f66547eb66dc0fea8286069cb082a4\n1c89083b28fe9f4cec25d48017f26c4f\nd85b25ddf2ae5448dd2bccf3eef2aacf\n42ef1e88c3248c689423d0b05a641e9e\n79dd6b9b5c40f0cc21ffdc891b9eee95\n1477b537261cb56a958a4f490d961ecb\n-----END OpenVPN Static key V1-----",
  "cipher": "AES-128-CBC",
  "compression": "LZO",
  "additional_parameters": "remote-cert-tls server\nclient\ncomp-lzo\npersist-key\npersist-tun\nverb 3\ndata-ciphers AES-128-CBC:AES-256-CBC\ndata-ciphers-fallback AES-128-CBC\nauth-user-pass /etc/openvpn/client/privatevpn.login\nca /etc/openvpn/client/privatevpn_ca.crt",
  "remote": "us-jer.pvdata.host",
  "client_certificate": null,
  "root_ca": null,
  "tls_crypt_auth_enabled": true,
  "interface": "openvpn-client"
}

I can add the client.conf manually and run the following, and the VPN is active. However, if I stop in the GUI / start, it removes this file (probably to maintain sources of truth).
Code:
sudo systemctl start openvpn-client@client.service


Looking for some clues as to why the client.conf is not being generated.
 