Hi Erik,
I reverted back to OpenVPN-2.4.9 and had working clients. If I go into an existing client in edit mode and just press save then the "Download Insecure Client Package (zip)" icon also appears and if pressed also comes up with the Internal Server Error. So there is a problem with this but not related to your work on OpenVPN.
However, with 2.4.9 when I press the OpenVPN Connection Statistics button, I very quickly have statistics information on my open connections whereas nothing showed at all with the new ovpnmain.cgi.
Regards,
Adolf.
On 30/11/2020 15:19, Adolf Belka wrote:
Hi Erik,
On 30/11/2020 13:41, ummeegge wrote:
Hi Adolf, if you have time can you please make a short test with the new cgi ? If you press the yellow pencile for an existing RW connection and without modification, press only the save button, please use if presant one connection which have a zone in "Client has access to these networks on IPFire's site" configured.
I get currently a error message "Route 192.168.2.0/255.255.255.0 Already used by another client. (192.168.2.0/255.255.255.0) ". Am working in this section for a menu to modify new but also existing client configuration to give the possiblity to set also the new --data-ciphers directive but i get this error also after reverting the code... Tomatoes on eyes currently...
It might great to have there a feedback from you if this works you.
I get no error message when I press save. This is whether the client is connected or is not connected via the vpn. The only thing I had happen is that the icon for "Download Insecure Client Package (zip)" becomes present and if I click on that then I get an Internal Server Error message. All other icons work fine. All other existing clients do not have the insecure client package icon.
The only other thing I have noticed is that if I click on the OpenVPN Connection Statistics button I get a screen with a table with the headings but no data showing. Not sure if this is related to the work you are doing. I will revert back to the 2.4.9 version and see if something shows in that table after a while.
Hope this helps,
Regards,
Adolf
Best,
Erik
Am Sonntag, den 29.11.2020, 14:12 +0100 schrieb Adolf Belka:
Hi Erik,
I have successfully installed OpenVPN-2.5.0 and the new ovpnmain.cgi and language files onto my system. Everything is working fine. I can see the new tab for encryption options. All my existing settings were maintained. All three of my clients are able to successfully connect with no problem and are connecting with the encryption options I have previously specified.
I have not had to modify anything for it to successfully work with the existing settings.
Looks very nice. Congratulations on your work so far. Hopefully more testers will also not have any problems (fingers crossed).
Regards,
Adolf.
On 29/11/2020 12:15, ummeegge wrote:
Hi all, another bug has been fixed --> https://git.ipfire.org/?p=people/ummeegge/ipfire-2.x.git;a=commit;h=211bce2d... . If the save button in the global section is used, it deletes the --auth parameter, this diff fixes it. for manual changes:
--- /srv/web/ipfire/cgi- bin/ovpnmain.cgi_advanced_encryption 2020- 11-27 10:37:47.405168037 +0100 +++ /srv/web/ipfire/cgi-bin/ovpnmain.cgi 2020-11-29 11:59:02.846338304 +0100 @@ -1303,7 +1303,6 @@ $vpnsettings{'DDEST_PORT'} = $cgiparams{'DDEST_PORT'}; $vpnsettings{'DMTU'} = $cgiparams{'DMTU'}; $vpnsettings{'DCOMPLZO'} = $cgiparams{'DCOMPLZO'}; - $vpnsettings{'DAUTH'} = $cgiparams{'DAUTH'}; #wrtie enable if ( $vpnsettings{'ENABLED_BLUE'} eq 'on' ) {system("touch ${General::swroot}/ovpn/enable_blue 2>/dev/null");}else{system("unlink ${General::swroot}/ovpn/enable_blue 2>/dev/null");}
Am Samstag, den 28.11.2020, 06:52 +0100 schrieb ummeegge: Hi all, made some fixes
- --tls-auth will now be displayed and saved correctly.
- de.pl needed other 'save-enc-options' name since it was a double.
Fixes tls-crypt key generation.
- Fixed comments and changed box size to prevent line break.
New version is here
https://git.ipfire.org/?p=people/ummeegge/ipfire-2.x.git;a=commit;h=7bd13546...
located.
Best,
Erik
Am Donnerstag, den 26.11.2020, 19:47 +0100 schrieb ummeegge: Hi all, for the interested ones, have push the current state to my repo which can be found in here --> https://git.ipfire.org/?p=people/ummeegge/ipfire-2.x.git;a=commit;h=34af1d71... feel free to test and criticize it :-) .
After integration and configuration, the 'save' button in the global section should also be pushed since --cipher will replaced by -- data- channel-fallback. For the langs files, a update-lang-cache should be executed via console so the changes can take affect.
Happy testing. Best,
Erik