OpenVPN Beta Server (beta.vpn.sonic.net) Upgraded

Advanced feature discussion, beta programs and unsupported "Labs" features.
8 posts Page 1 of 1
by joemuller » Tue May 07, 2019 6:08 pm
We've just upgraded the OpenVPN Access Server software on beta.vpn.sonic.net to the latest 2.7.x release.

If you're using the beta.vpn server, please make sure your connection still works and report any issues in this thread. Pending any major issues, the main server (ovpn.sonic.net) will be upgraded next week.
I'm a proud employee of Sonic.net! :-)
by vpnuser » Thu May 09, 2019 2:13 pm
I hopped on using the openvpn-client version 2.4.6 include with pfSense with no issues so far (~1 day). Well, except for my own mistakes :).
by cmeisel » Fri May 24, 2019 8:04 am
joemuller wrote:
We've just upgraded the OpenVPN Access Server software on beta.vpn.sonic.net to the latest 2.7.x release.

If you're using the beta.vpn server, please make sure your connection still works and report any issues in this thread. Pending any major issues, the main server (ovpn.sonic.net) will be upgraded next week.


Did you guys upgrade ovpn.sonic.net to 2.7.x yet?
by kgc » Fri May 24, 2019 9:57 am
Not yet, this will happen as part of hardware migration that we plan to do in a week or two though.
Kelsey Cummings
System Architect, Sonic.net, Inc.
by billcour » Sat May 25, 2019 3:39 pm
Will the upgrade take care of the following warnings from Tunnelblick 3.7.9?

-----
Warning: This VPN may not connect in the future.

The OpenVPN configuration file for 'client' contains these OpenVPN options:

• 'ns-cert-type' was deprecated in OpenVPN 2.4 and removed in OpenVPN 2.5

• 'comp-lzo' was deprecated in OpenVPN 2.4 and has been or will be removed in a later version


You should update the configuration so it can be used with modern versions of OpenVPN.

Tunnelblick will use OpenVPN 2.4.7 - OpenSSL v1.0.2r to connect this configuration.

However, you will not be able to connect to this VPN with future versions of Tunnelblick that do not include a version of OpenVPN that accepts the options.
-----
by macmaxbh » Sat Jun 08, 2019 4:47 pm
Unfortunately looks like Tunnelblick gives the same message when importing a profile from the beta site, so it looks like the answer is no. :(

edit: Ah, see in the other thread:
As far as I know there is still no OpenVPN client/server 2.5 release within sight. As of now, 2.4.7 is the latest version and there's a lot of work to be done for 2.5. When it does come out our configs will likely change and clients should be updated with newer versions.

Since it will be significant enough of a release to require config changes, we'll keep the previous version running for a while and put the new version on beta and give sufficient warning since changing these options will prevent clients with older configurations from connecting.

TL;DR - totally safe to ignore these warnings for now.
by billcour » Sat Jun 08, 2019 5:11 pm
Thanks for checking it out and making an informative reply. I'll check the box to suppress the message.
by forest » Wed Jun 12, 2019 10:37 am
I hope you guys will remember to keep TLS 1.0 enabled when you do the upgrade, so those who depend on the beta server for openvpn 2.3 support will not have their connectivity broken.

(Relatedly, Ubiquiti now has an unstable EdgeOS update that includes openvpn 2.4. It's not reliable yet, but they have been making steady progress on the bugs, so I wouldn't be surprised if it became usable in the next few months.)
8 posts Page 1 of 1

Who is online

In total there are 3 users online :: 0 registered, 0 hidden and 3 guests (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: No registered users and 3 guests