Reply
Highlighted
New Member
Posts: 3
Registered: ‎09-13-2018

openvpn client persisting config

Hi community,

 

using a USG pro since 2 days.

I am trying to configure the USG as Openvpn client talking to a pfsense OpenVPN server.

 

I have been able to configure the USG as mentioned here:

 

https://community.ubnt.com/t5/UniFi-Stories/Connecting-Unifi-USG-site-to-pfSense-OpenVPN-site-to-sit...

 

However what does not seem to work is creating the interface, unless I ssh to the device, enter config mode and configure the interface on the command line:

 

set interfaces openvpn vtun0 config-file /config/openvpn/client.conf

When I commit and save the tunnel comes up and traffic is running across it. 

 

show interfaces openvpn

also shows me nicely the interface with the Tunnel IP attached to it.

 

I also had added a "config.gateway.json" file on my Windows Server based controller. The folder is:

[...]\Ubiquiti UniFi\data\sites\default

The file is in the "default" directory, since I do not have any other sites, other than my primary which unifi automatically calls "default". Not sure this is the problem,

 

The json content inside the file shows:

{ "interfaces": { "openvpn": { "vtun0": { "config-file": "/config/openvpn/client.conf" } } } }

As one can see, it is pointing to the same exact config file, as the one I use when enabling the interface using SSH on the CLI.

However, after provisioning of the USG the tunnel config is gone and no vtun0 anymore present, unless I ssh again and issue the same command line command as previosuly mentioned.

 

I understand the json file is supposed to make sure exactly that, so to not overwrite the config after provisioning (or automatically re-write by calling the conf file during provisioning), however it doesn't seem to work.

 

Does anyobody have an idea what I am doing wrong here?

 

 

New Member
Posts: 3
Registered: ‎09-13-2018

Re: openvpn client persisting config

[ Edited ]

Maybe one thing to add:

 

Controller is Version 5.9.26.0 and USG is Firmware 4.4.28.5118769

New Member
Posts: 4
Registered: ‎05-19-2016

Re: openvpn client persisting config

While I have set-up the OpenVPN connection between two USGs (both on a dynamic IP address behind ISP routers) using SSH and following the Edgerouter instructions (https://help.ubnt.com/hc/en-us/articles/204949694-EdgeRouter-OpenVPN-Site-to-Site) I have the same problem trying to figure out how to make this configuration persistent (wich it was on the edge routers I used before).

 

I am not familiar with JSON but could probably manage to configure some script on the USG if that were the way to go. Just have not seen any thread on the forum that seems to have solved this problem.

Reply