Settings change borked my GUI

Post Reply
AUstine
OpenVpn Newbie
Posts: 2
Joined: Wed Jul 17, 2019 8:58 pm

Settings change borked my GUI

Post by AUstine » Wed Jul 17, 2019 9:04 pm

I was attempting to disable some CIPHER's per an Audit.

Found this page: https://openvpn.net/vpn-server-resource ... ss-server/

Added cipher ciphername to both boxes and then all the webpages stopped loading.

Should have thought that through a bit more but I am stuck with it now. I was wondering if anyone knew how to remove those settings through the command line or if anyone has any advice.

novaflash
I should be on the dev team.
Posts: 1017
Joined: Fri Apr 13, 2012 8:43 pm

Re: Settings change borked my GUI

Post by novaflash » Wed Jul 17, 2019 9:08 pm

If you change the ciphers without reinstalling the clients, you're gonna have a bad time. You can't change the cipher on an existing deployment without reinstalling the clients.

You can fix this by removing those items from your Access Server configuration.

AUstine
OpenVpn Newbie
Posts: 2
Joined: Wed Jul 17, 2019 8:58 pm

Re: Settings change borked my GUI

Post by AUstine » Wed Jul 17, 2019 9:20 pm

Luckily we had it all set to default so I should be able to revert back if I can find out how. Since I cant access the UI, I am attempting to find the commands to force reset all the settings I just changed.

novaflash
I should be on the dev team.
Posts: 1017
Joined: Fri Apr 13, 2012 8:43 pm

Re: Settings change borked my GUI

Post by novaflash » Wed Jul 17, 2019 9:35 pm

So... your Access Server is unreachable unless you are connected over VPN? A bit odd. Anyways.. run these commands on the command line to wipe these commands:

Please note that if you enter directives into either of the two boxes for 'client config directives' or 'server config directives' that they are NOT checked for validity. In fact, if you enter incorrect information in the 'server config directives' box or the 'client config directives' box it is possible that the server will fail. Fortunately it is easy to recover from this mistake by logging on to the console or an SSH session to the Access Server and performing the following commands:

/usr/local/openvpn_as/scripts/confdba -mk "vpn.server.config_text" -v ""
/usr/local/openvpn_as/scripts/confdba -mk "vpn.client.config_text" -v ""
service openvpnas restart

Post Reply