Zentyal Forum, Linux Small Business Server
Zentyal Server => Other modules => Topic started by: Milbs1979 on May 29, 2019, 10:44:38 am
-
Hi All,
I have an issue on my Zentyal Development Edition Server. Open VPN drops all user authentication after about 4 weeks. OpenVPN does not complete the TLS Handshake. If I regenerate the certificates and reinstall the client then the connectivity is restored. I have checked the certificates are valid and have recreated them to be certain.
As the users can reconnect with a reinstall I believe the networking to be set up correctly. I suspect there is parameter that is set somewhere to disable the access after a certain time. When the service stops it is for all users at the same time. This could be a coincidence though as they are set up at the same time (4 users total).
I would appreciate some guidance - Thank you
-
I have the same issue ....... it is frustrating enough that I am thinking of moving away from Zentyal
-
It's a problem with the default config that got shipped with Zentyal
https://community.spiceworks.com/how_to/158901-how-to-fix-openvpn-zentyal-verify-error-depth-0-error-crl-has-expired-on-ubuntu
Do steps 1 - 2; then in the web interface you have to re-sign all of the existing certificates and redeploy your VPN credentials to your client machines.
Modify message
-
royceb - Thank you for the reply. I will work through these steps later. I really appreciate the help.
-
I worked through he steps and all is working fine now. Resigned and redeployed the certificates to the machines.
Thank you very much for your help.
-
If you can help us find a way to submit this as a ticket/bug i'd think they might push out a change/update
-
Please read this for a useful workaround https://community.spiceworks.com/how_to/158901-how-to-fix-openvpn-zentyal-verify-error-depth-0-error-crl-has-expired-on-ubuntu (https://community.spiceworks.com/how_to/158901-how-to-fix-openvpn-zentyal-verify-error-depth-0-error-crl-has-expired-on-ubuntu)
It seems it should be fixed on Zentyal 6.1
cheers
-
Thank you all for your responses and advice. As an update my VPN has been running now for over the 30 day initial period and all is well!!
-
RE-Upping this. Still persistent. Did a new install on 6.1 and the defaul issue of the 30 - day CRL expiring breaking the entire VPN.