Best way to migrate OpenVPN server to another machine?

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
riahc3
OpenVPN User
Posts: 46
Joined: Tue Jun 26, 2012 9:04 am

Best way to migrate OpenVPN server to another machine?

Post by riahc3 » Wed Sep 19, 2012 8:10 am

Hello

Im going to migrate a entire OpenVPN server to another machine. What is the best way to to do this?

Thanks!

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: Best way to migrate OpenVPN server to another machine?

Post by maikcat » Wed Sep 19, 2012 8:13 am

hi there,

if you are using open source edition then "migration" is simple...

simply copy the directory which you keep keys,configs and you are done.

Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

shar0119
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 27, 2013 6:40 am

Re: Best way to migrate OpenVPN server to another machine?

Post by shar0119 » Sun Jan 27, 2013 6:42 am

Please can someone tell me the location of the keys. I can find the as.conf file at /usr/local/openvpn-as/etc but am looking for the user keys to migrate over the users.

shar0119
OpenVpn Newbie
Posts: 9
Joined: Sun Jan 27, 2013 6:40 am

Re: Best way to migrate OpenVPN server to another machine?

Post by shar0119 » Tue Jan 29, 2013 5:51 am

I found it using the "find" command on the Linux machine.

placidsolace
OpenVpn Newbie
Posts: 1
Joined: Tue Sep 17, 2013 7:28 pm

Re: Best way to migrate OpenVPN server to another machine?

Post by placidsolace » Tue Sep 17, 2013 7:32 pm

Hey folks,

I tried this "copy files" business from a debian build to ubuntu and I am having trouble connecting to the new server. Are there specific configuration steps I am missing?? I have installed openvpn, webmin, and configured the network interface accordingly, but still no go, seems like connections just time out. Any help is appreciated, feel free to call me a noob and ask for more info from this noob if needed to assist. Thanks in advance. :D

~placidsolace~

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: Best way to migrate OpenVPN server to another machine?

Post by maikcat » Wed Sep 18, 2013 8:44 am

post config used & logs from server.

Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

xepto
OpenVpn Newbie
Posts: 1
Joined: Thu Jan 05, 2023 4:27 am

Re: Best way to migrate OpenVPN server to another machine?

Post by xepto » Thu Jan 05, 2023 6:48 am

can some help me too on this, i have a same problem

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: Best way to migrate OpenVPN server to another machine?

Post by 300000 » Thu Jan 19, 2023 10:14 am

That is beautiful of open source as people should learn and improve it. If this is your job so you need to deal with this . You can pay for someone do this job for you is an option. Now is your turn and decide as nobody understand your system at moments. There are many risk if this is for business connection then lot of work for many things to come.

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: Best way to migrate OpenVPN server to another machine?

Post by openvpn_inc » Wed Jan 25, 2023 10:02 pm

Wow, a thread from 2012 resurrected from the dead. Impressive.

Probably people got here through a Google search or something so let me provide some basic information here.

If you run OpenVPN Access Server, follow this guide;
https://openvpn.net/vpn-server-resource ... tallation/

If you set up an open source OpenVPN server, then whoever did that, knows where the configuration files and certificates and keys are. If you can't find it, I suggest looking for it diligently. The server config is either in /etc/openvpn/ or a subdirectory there, or stored elsewhere. You may have to hunt around for where the CA and certificate files are, as you definitely do not want to lose those. Since this is open source, it can be set up theoretically in any location, and could be on a Windows server or macOS system as well since OpenVPN2 can serve as both a server and a client. It's impossible for us to know where this data is stored, you will have to find it yourself, as it could be literally anywhere on the system. That's just entirely up to the person who originally set it up. So we can provide little guidance here except, look for the server config file and look for the CA and certificates and move that all over.

Good luck,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

tkalfaoglu
OpenVpn Newbie
Posts: 4
Joined: Thu Jun 29, 2023 11:18 am

Re: Best way to migrate OpenVPN server to another machine?

Post by tkalfaoglu » Sat Jul 01, 2023 6:03 pm

Hi. I have the same issue.. I'm migrating an OpenVPN server from one AlmaLinux machine to a Rocky Linux machine.. The new machine is about 3 years newer..

I copied the entire /etc/openvpn to the new server, started it, but when I try to connect to it as client, it's giving errors:

#/usr/sbin/openvpn --daemon --writepid /run/openvpn/server.pid --cd /etc/openvpn --config server.conf --script-security 2

Code: Select all


Re-using SSL/TLS context
LZO compression initializing
Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
UDPv4 READ [14] from [AF_INET]193.162.15.18:58472: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
TLS: Initial packet from [AF_INET]193.162.15.18:58472, sid=f3dfd19b 412e45cb
VERIFY ERROR: depth=0, error=CRL signature failure: C=TR, ST=TR, L=Izmir, O=Kalfaoglu, OU=kalfaoglu, CN=turgut kalfaoglu, name=turgut kalfaoglu, emailAddress=info@kalfaoglu.net, serial=3
OpenSSL: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed

I checked the server.conf that the server uses and ALL the paths mentioned are below /etc/openvpn , so I must have copied everything.. the only thing I suspect is the OpenSSL installation on the two machines, although they are strictly at the same level.. openssl-1.1.1k-9.el8_7.x86_64

Post Reply