From: Michael Tremer <michael.tremer@ipfire.org>
To: Adolf Belka <adolf.belka@ipfire.org>
Cc: "IPFire: Development-List" <development@lists.ipfire.org>
Subject: Re: Testing out CU198 with OpenVPN-2.7_alpha3
Date: Mon, 18 Aug 2025 12:47:58 +0100 [thread overview]
Message-ID: <2347C9DE-BFB2-4C0A-8715-4E501FAE70DF@ipfire.org> (raw)
In-Reply-To: <63886579-ceeb-44a6-b24c-0bb72632a0b5@ipfire.org>
Hello Adolf,
This is really valuable work because we might have to start transitioning OpenVPN changes a lot sooner than the final release is coming out because of all this bad, static configuration stuff on both sides of the connection.
But this actually proves the opposite. The —-persist-key option can be easily dropped then. We use it everywhere and it will then become the default. Very good.
Regarding the status, there have been many changes over the years and it usually should be easy to fix it. Normally more information is being added and we just need to account for it. Hopefully that is a 5 minute job.
So with this information, I am very relaxed and hopeful that the new 2.7 release will be an easy update for us and everyone using OpenVPN.
Best,
-Michael
> On 17 Aug 2025, at 14:43, Adolf Belka <adolf.belka@ipfire.org> wrote:
>
> Hi All,
>
> I have built and done initial testing of CU198 with OpenVPN-2.7_alpha3. Here is my initial feedback.
>
> My N2N connection connected and I could ping between both ends. The status on the OpenVPN WUI page showed as Connected.
>
> Only item was that when rebooting the following message shows up in the boot log when the N2N connection is started
>
> DEPRECATED: --persist-key option ignored. Keys are now always persisted across restarts.
>
>
> I the tested out the old existing Android and Linux Laptop client connections.
>
> In both cases at the client ends they said they were connected.
>
> On the Linux Laptop I could ping to a PC on the green network. For both the Linux Laptop and Android phone I could access the WUI page of the IPFire system. The logs showed that the clients were connected.
>
> However in both cases the OpenVPN WUI page stayed showing the RW connections as disconnected. Accessing the OpenVPN Connection Statistics never showed any connection existing.
>
> So the status methodology for the RW's does not seem to be working with OpenVPN-2.7, even though the connections were successfully connected and the standard openvpn logs show the rw clients as connected.
>
> I will have another go with new client connections and see if that shows anything different with regard to the status.
>
> Also need to remember this is the alpha3 release so there might be bugs still and maybe that is what I am experiencing.
>
> So RW connections get made but stay showing as disconnected when they are actually connected.
> N2N connections show as connected and are connected.
>
> Regards
>
> Adolf
>
>
prev parent reply other threads:[~2025-08-18 11:48 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-17 13:43 Adolf Belka
2025-08-18 11:47 ` Michael Tremer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2347C9DE-BFB2-4C0A-8715-4E501FAE70DF@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=adolf.belka@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox