SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
| Anonymous | Login | 2022-01-25 08:20 UTC |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0002682 | Endian Firewall | Network related (VPN, uplinks) | public | 2010-02-14 20:00 | 2012-07-20 12:00 | ||||||
| Reporter | fabiana | ||||||||||
| Assigned To | |||||||||||
| Priority | normal | Severity | trivial | Reproducibility | always | ||||||
| Status | confirmed | Resolution | open | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 2.3 | ||||||||||
| Target Version | future | Fixed in Version | |||||||||
| Summary | 0002682: global OpenVPN DCHP Options not pushed when using X509 without having accounts | ||||||||||
| Description | Push domain, Push these nameservers options doesn't work. Would be nice to also have push "dhcp-option WINS a.b.c.d". Workaround with adding push "dhcp-option DNS a.b.c.d" push "dhcp-option DNS a.b.c.d" push "dhcp-option WINS a.b.c.d" push "dhcp-option DOMAIN domain.tld" to /etc/openvpn/openvpn.conf.tmpl | ||||||||||
| Tags | purple | ||||||||||
| Attached Files | |||||||||||
 Relationships |
||||||
|
||||||
 Relationships |
|
Notes |
|
|
(0003785) luca-endian (developer) 2010-02-15 08:47 |
Is that happening with windows clients? |
|
(0003786) fabiana (reporter) 2010-02-15 08:48 |
Yes. I only have Windows Clients here. Both XP and Windows7. |
|
(0003939) peter-endian (administrator) 2010-03-05 00:25 |
these push values are confgurable for each user, therefore you will not find them within the global openvpn config file. can you please check if you have the correct values in /var/openvpn/clients/<ACCOUNTNAME> the template for the user files is /var/openvpn/user.tmpl WINS is not configurable right now, but DNS and DOMAIN should be pushed |
|
(0003940) fabiana (reporter) 2010-03-05 06:06 |
We use only X.509 certificates for OpenVPN, so there are no users on the firewall itself. "Global push options" don't apply in this case? |
|
(0004075) volker (reporter) 2010-03-20 15:29 |
Same here, migrating a fw + openvpn server to Endian. Using X.509 (ca.crt, vpnserver.crt, vpnserver.key) and ended up messing with /etc/openvpn/openvpn.conf.tmpl |
|
(0004080) peter-endian (administrator) 2010-03-22 16:51 edited on: 2010-03-22 16:53 |
i understand well, then it does not set it in the global openvpn configuration. those values will only be set within the user's configuration. so those global values really will not be taken in consideration right now with x509 authentication thank you for bringing this to our attention you can try to create an account called "DEFAULT", which then will be used as default configuration for those connectinos. that should work actually it is asking for a password, but as long as you don't use 2-factor auth it should not be used. |
|
(0007420) arno_filter (reporter) 2011-09-18 15:41 |
Hi, is this bug still existent? I got nearly the same behaviour with the EFW 2.4.1. Regards Arno |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2010-02-14 20:00 | fabiana | New Issue | |
| 2010-02-15 08:47 | luca-endian | Note Added: 0003785 | |
| 2010-02-15 08:48 | fabiana | Note Added: 0003786 | |
| 2010-03-05 00:25 | peter-endian | Note Added: 0003939 | |
| 2010-03-05 00:25 | peter-endian | Status | new => feedback |
| 2010-03-05 06:06 | fabiana | Note Added: 0003940 | |
| 2010-03-20 15:29 | volker | Note Added: 0004075 | |
| 2010-03-22 16:51 | peter-endian | Note Added: 0004080 | |
| 2010-03-22 16:51 | peter-endian | Status | feedback => confirmed |
| 2010-03-22 16:52 | peter-endian | Note Added: 0004081 | |
| 2010-03-22 16:53 | peter-endian | Note Edited: 0004080 | |
| 2010-03-22 16:53 | peter-endian | Note Deleted: 0004081 | |
| 2010-03-22 16:54 | peter-endian | Target Version | => future |
| 2010-09-23 13:20 | peter-endian | Summary | OpenVPN DCHP Options not pushed => global OpenVPN DCHP Options not pushed when using X509 without having accounts |
| 2010-09-23 13:20 | peter-endian | Relationship added | has duplicate 0002187 |
| 2011-09-18 15:41 | arno_filter | Note Added: 0007420 | |
| 2012-07-20 11:59 | luke-endian | Note Added: 0007954 | |
| 2012-07-20 11:59 | luke-endian | Note Edited: 0007954 | |
| 2012-07-20 12:00 | luke-endian | File Added: image001.png | |
| 2012-07-20 12:01 | luke-endian | Note Edited: 0007954 | |
| 2012-07-20 12:01 | luke-endian | Tag Attached: purple | |
| 2012-07-23 14:55 | luke-endian | File Deleted: image001.png | |
| 2012-07-23 14:55 | luke-endian | Note Deleted: 0007954 | |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |