Best way to migrate OpenVPN server to another machine?
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVPN User
- Posts: 46
- Joined: Tue Jun 26, 2012 9:04 am
Best way to migrate OpenVPN server to another machine?
Hello
Im going to migrate a entire OpenVPN server to another machine. What is the best way to to do this?
Thanks!
Im going to migrate a entire OpenVPN server to another machine. What is the best way to to do this?
Thanks!
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Best way to migrate OpenVPN server to another machine?
hi there,
if you are using open source edition then "migration" is simple...
simply copy the directory which you keep keys,configs and you are done.
Michael.
if you are using open source edition then "migration" is simple...
simply copy the directory which you keep keys,configs and you are done.
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 9
- Joined: Sun Jan 27, 2013 6:40 am
Re: Best way to migrate OpenVPN server to another machine?
Please can someone tell me the location of the keys. I can find the as.conf file at /usr/local/openvpn-as/etc but am looking for the user keys to migrate over the users.
-
- OpenVpn Newbie
- Posts: 9
- Joined: Sun Jan 27, 2013 6:40 am
Re: Best way to migrate OpenVPN server to another machine?
I found it using the "find" command on the Linux machine.
-
- OpenVpn Newbie
- Posts: 1
- Joined: Tue Sep 17, 2013 7:28 pm
Re: Best way to migrate OpenVPN server to another machine?
Hey folks,
I tried this "copy files" business from a debian build to ubuntu and I am having trouble connecting to the new server. Are there specific configuration steps I am missing?? I have installed openvpn, webmin, and configured the network interface accordingly, but still no go, seems like connections just time out. Any help is appreciated, feel free to call me a noob and ask for more info from this noob if needed to assist. Thanks in advance.
~placidsolace~
I tried this "copy files" business from a debian build to ubuntu and I am having trouble connecting to the new server. Are there specific configuration steps I am missing?? I have installed openvpn, webmin, and configured the network interface accordingly, but still no go, seems like connections just time out. Any help is appreciated, feel free to call me a noob and ask for more info from this noob if needed to assist. Thanks in advance.
~placidsolace~
- maikcat
- Forum Team
- Posts: 4200
- Joined: Wed Jan 12, 2011 9:23 am
- Location: Athens,Greece
- Contact:
Re: Best way to migrate OpenVPN server to another machine?
post config used & logs from server.
Michael.
Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
Long live Dino Dini (Kick off 2 Creator)
Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)
"objects in mirror are losing"
-
- OpenVpn Newbie
- Posts: 1
- Joined: Thu Jan 05, 2023 4:27 am
Re: Best way to migrate OpenVPN server to another machine?
can some help me too on this, i have a same problem
-
- OpenVPN Expert
- Posts: 685
- Joined: Tue May 01, 2012 9:30 pm
Re: Best way to migrate OpenVPN server to another machine?
That is beautiful of open source as people should learn and improve it. If this is your job so you need to deal with this . You can pay for someone do this job for you is an option. Now is your turn and decide as nobody understand your system at moments. There are many risk if this is for business connection then lot of work for many things to come.
- openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: Best way to migrate OpenVPN server to another machine?
Wow, a thread from 2012 resurrected from the dead. Impressive.
Probably people got here through a Google search or something so let me provide some basic information here.
If you run OpenVPN Access Server, follow this guide;
https://openvpn.net/vpn-server-resource ... tallation/
If you set up an open source OpenVPN server, then whoever did that, knows where the configuration files and certificates and keys are. If you can't find it, I suggest looking for it diligently. The server config is either in /etc/openvpn/ or a subdirectory there, or stored elsewhere. You may have to hunt around for where the CA and certificate files are, as you definitely do not want to lose those. Since this is open source, it can be set up theoretically in any location, and could be on a Windows server or macOS system as well since OpenVPN2 can serve as both a server and a client. It's impossible for us to know where this data is stored, you will have to find it yourself, as it could be literally anywhere on the system. That's just entirely up to the person who originally set it up. So we can provide little guidance here except, look for the server config file and look for the CA and certificates and move that all over.
Good luck,
Johan
Probably people got here through a Google search or something so let me provide some basic information here.
If you run OpenVPN Access Server, follow this guide;
https://openvpn.net/vpn-server-resource ... tallation/
If you set up an open source OpenVPN server, then whoever did that, knows where the configuration files and certificates and keys are. If you can't find it, I suggest looking for it diligently. The server config is either in /etc/openvpn/ or a subdirectory there, or stored elsewhere. You may have to hunt around for where the CA and certificate files are, as you definitely do not want to lose those. Since this is open source, it can be set up theoretically in any location, and could be on a Windows server or macOS system as well since OpenVPN2 can serve as both a server and a client. It's impossible for us to know where this data is stored, you will have to find it yourself, as it could be literally anywhere on the system. That's just entirely up to the person who originally set it up. So we can provide little guidance here except, look for the server config file and look for the CA and certificates and move that all over.
Good luck,
Johan
OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
- OpenVpn Newbie
- Posts: 4
- Joined: Thu Jun 29, 2023 11:18 am
Re: Best way to migrate OpenVPN server to another machine?
Hi. I have the same issue.. I'm migrating an OpenVPN server from one AlmaLinux machine to a Rocky Linux machine.. The new machine is about 3 years newer..
I copied the entire /etc/openvpn to the new server, started it, but when I try to connect to it as client, it's giving errors:
#/usr/sbin/openvpn --daemon --writepid /run/openvpn/server.pid --cd /etc/openvpn --config server.conf --script-security 2
I checked the server.conf that the server uses and ALL the paths mentioned are below /etc/openvpn , so I must have copied everything.. the only thing I suspect is the OpenSSL installation on the two machines, although they are strictly at the same level.. openssl-1.1.1k-9.el8_7.x86_64
I copied the entire /etc/openvpn to the new server, started it, but when I try to connect to it as client, it's giving errors:
#/usr/sbin/openvpn --daemon --writepid /run/openvpn/server.pid --cd /etc/openvpn --config server.conf --script-security 2
Code: Select all
Re-using SSL/TLS context
LZO compression initializing
Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
UDPv4 READ [14] from [AF_INET]193.162.15.18:58472: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
TLS: Initial packet from [AF_INET]193.162.15.18:58472, sid=f3dfd19b 412e45cb
VERIFY ERROR: depth=0, error=CRL signature failure: C=TR, ST=TR, L=Izmir, O=Kalfaoglu, OU=kalfaoglu, CN=turgut kalfaoglu, name=turgut kalfaoglu, emailAddress=info@kalfaoglu.net, serial=3
OpenSSL: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed