On Fri, Feb 3, 2012 at 2:04 AM, Pete Boyd <[email protected]> wrote: > I have pfSense 1.2.3 setup to use its OpenVPN server. I use TinyCA to > create CA and client certificates and keys on a separate computer, > giving the CA cert to pfSense and the client certs & keys to users. > > If I upgrade pfSense 1.2.3 to 2.0.1, the OpenVPN will migrate fine, but > will OpenVPN clients continue to be able to VPN into the pfSense OpenVPN > server despite them not being in the User Manager, or do I have to > additionally, manually, create accounts and paste in certs & keys using > the User Manager? >
It'll stay exactly as it is. You won't be able to use the OpenVPN Client Export without importing the user keys, but what you already have will work just the same. > I'm expecting them to be able to VPN in fine as they have valid > certificates for that CA, but am wondering if because they're not also > represented in the User Manager that pfSense might block them for that > reason. > Not unless you go in after upgrading, edit the server, and set it for user auth. Then you'll lock the users out since they don't exist to auth. It'll upgrade the same as it is now, without user auth. _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
