Results 1 to 5 of 5
  1. #1
    Master Untangler
    Join Date
    May 2010
    Posts
    280

    Default Can't get OpenVPN from Chromebook to Untangle working

    I have OpenVPN setup, and can connect from multiple windows clients just fine.

    I wanted to VPN from my Chromebook. So I followed the guide, got the ONC file on my chromebook and imported it. The connection shows up. I added a random word as the password, as the guide mentions.

    But everytime I try to connect to the VPN I see it trying for a while and then I get an error on the Chromebook saying 'network connection error', Failed to connect to network.

    I am at a loss on how to troubleshoot it. Could it be a certificate authority/store issue? Other?

    Jason

  2. #2
    Master Untangler
    Join Date
    May 2010
    Posts
    280

    Default

    I think I fixed it...

    I had added the server variable "tls-version-min" and set it to 1.2 to force TLS 1.2... Although that seemed to work fine with my android phone and windows laptops, as soon as I removed that my chromebook would successfully connect - whereas it wouldn't before.

    I'll try putting that variable back in and testing some more when I have time... But it worked immediately after removing that setting, so seems like the issue.

    Jason

  3. #3
    Untanglit
    Join Date
    Jan 2017
    Posts
    17

    Default

    I have the same issue.

    Do you think its possible to run OpenVPN on another "rack" running on a different port than the default rack? Then it would be possible to remove the "tls-version-min" option/setting.

    Thoughts?

  4. #4
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    16,024

    Default

    I'm going to ask some questions for selfish reasons. We often need to figure out a way to allow for users to customize their setups in ways that we don't recommend. This is necessary for advanced users to support advanced use cases, but it goes against our "keep it simple" philosophy.

    For OpenVPN we tried to do this by adding the advanced tab with these warnings at the top (with red icon and in bold):
    Advanced settings require careful configuration.
    Misconfiguration can compromise the proper operation and security of your server.
    Changes made on this tab are not officially supported.

    Did you read these? Is there any better text that we could have placed here that would have been more effective?
    Why would you post on the forums after changing these settings and not mention it?

    Lastly, do you think there is any [better] way we can allow users to change advanced settings without getting themselves in trouble?

    Looking for honest productive feedback for the next time we consider adding advanced functionality.
    Last edited by dmorris; 06-19-2017 at 09:11 AM.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Master Untangler
    Join Date
    May 2010
    Posts
    280

    Default

    In my case, I forgot I made that change. There was nothing wrong with the warning.

    Had I remembered I made that change, that would have been the first thing I reverted before posting.

    The issue is more that it is hard to remember every change you have made weeks or months later. I hadn't tried connecting my chromebook until a while after making that change, so it wasn't immediately obvious that the change impacted anything negatively.
    Last edited by JasonJoel; 06-19-2017 at 07:19 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2