Page 1 of 1
Best way to migrate OpenVPN server to another machine?
Posted: Wed Sep 19, 2012 8:10 am
by riahc3
Hello
Im going to migrate a entire OpenVPN server to another machine. What is the best way to to do this?
Thanks!
Re: Best way to migrate OpenVPN server to another machine?
Posted: Wed Sep 19, 2012 8:13 am
by maikcat
hi there,
if you are using open source edition then "migration" is simple...
simply copy the directory which you keep keys,configs and you are done.
Michael.
Re: Best way to migrate OpenVPN server to another machine?
Posted: Sun Jan 27, 2013 6:42 am
by shar0119
Please can someone tell me the location of the keys. I can find the as.conf file at /usr/local/openvpn-as/etc but am looking for the user keys to migrate over the users.
Re: Best way to migrate OpenVPN server to another machine?
Posted: Tue Jan 29, 2013 5:51 am
by shar0119
I found it using the "find" command on the Linux machine.
Re: Best way to migrate OpenVPN server to another machine?
Posted: Tue Sep 17, 2013 7:32 pm
by placidsolace
Hey folks,
I tried this "copy files" business from a debian build to ubuntu and I am having trouble connecting to the new server. Are there specific configuration steps I am missing?? I have installed openvpn, webmin, and configured the network interface accordingly, but still no go, seems like connections just time out. Any help is appreciated, feel free to call me a noob and ask for more info from this noob if needed to assist. Thanks in advance.
~placidsolace~
Re: Best way to migrate OpenVPN server to another machine?
Posted: Wed Sep 18, 2013 8:44 am
by maikcat
post config used & logs from server.
Michael.
Re: Best way to migrate OpenVPN server to another machine?
Posted: Thu Jan 05, 2023 6:48 am
by xepto
can some help me too on this, i have a same problem
Re: Best way to migrate OpenVPN server to another machine?
Posted: Thu Jan 19, 2023 10:14 am
by 300000
That is beautiful of open source as people should learn and improve it. If this is your job so you need to deal with this . You can pay for someone do this job for you is an option. Now is your turn and decide as nobody understand your system at moments. There are many risk if this is for business connection then lot of work for many things to come.
Re: Best way to migrate OpenVPN server to another machine?
Posted: Wed Jan 25, 2023 10:02 pm
by openvpn_inc
Wow, a thread from 2012 resurrected from the dead. Impressive.
Probably people got here through a Google search or something so let me provide some basic information here.
If you run OpenVPN Access Server, follow this guide;
https://openvpn.net/vpn-server-resource ... tallation/
If you set up an open source OpenVPN server, then whoever did that, knows where the configuration files and certificates and keys are. If you can't find it, I suggest looking for it diligently. The server config is either in /etc/openvpn/ or a subdirectory there, or stored elsewhere. You may have to hunt around for where the CA and certificate files are, as you definitely do not want to lose those. Since this is open source, it can be set up theoretically in any location, and could be on a Windows server or macOS system as well since OpenVPN2 can serve as both a server and a client. It's impossible for us to know where this data is stored, you will have to find it yourself, as it could be literally anywhere on the system. That's just entirely up to the person who originally set it up. So we can provide little guidance here except, look for the server config file and look for the CA and certificates and move that all over.
Good luck,
Johan
Re: Best way to migrate OpenVPN server to another machine?
Posted: Sat Jul 01, 2023 6:03 pm
by tkalfaoglu
Hi. I have the same issue.. I'm migrating an OpenVPN server from one AlmaLinux machine to a Rocky Linux machine.. The new machine is about 3 years newer..
I copied the entire /etc/openvpn to the new server, started it, but when I try to connect to it as client, it's giving errors:
#/usr/sbin/openvpn --daemon --writepid /run/openvpn/server.pid --cd /etc/openvpn --config server.conf --script-security 2
Code: Select all
Re-using SSL/TLS context
LZO compression initializing
Control Channel MTU parms [ L:1622 D:1212 EF:38 EB:0 ET:0 EL:3 ]
Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 ]
Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
UDPv4 READ [14] from [AF_INET]193.162.15.18:58472: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
TLS: Initial packet from [AF_INET]193.162.15.18:58472, sid=f3dfd19b 412e45cb
VERIFY ERROR: depth=0, error=CRL signature failure: C=TR, ST=TR, L=Izmir, O=Kalfaoglu, OU=kalfaoglu, CN=turgut kalfaoglu, name=turgut kalfaoglu, emailAddress=info@kalfaoglu.net, serial=3
OpenSSL: error:1417C086:SSL routines:tls_process_client_certificate:certificate verify failed
I checked the server.conf that the server uses and ALL the paths mentioned are below /etc/openvpn , so I must have copied everything.. the only thing I suspect is the OpenSSL installation on the two machines, although they are strictly at the same level.. openssl-1.1.1k-9.el8_7.x86_64