Pfsense OpenVPN and MT300N-V2 (SOLVED)

Hi, today arrival to me the new MT300N-V2

In try configure my VPN (Is a Pfsense with OpenVPN) but dont work.

In download the 3 files from PFSense (the .ovpn, .key and .p12), and upload, but have the next problem in the log say:

Exiting due to fatal error OpenVPN 2.4.3 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] library versions: OpenSSL 1.0.2k 26 Jan 2017, LZO 2.09 Error opening file pfSense-udp-1194-ibague.p12 Exiting due to fatal error

If im download this file in my Windows or Mac clients, work perfect, but in my MT300 dont work,
any suggestions?

Pda: Im try with the firmware 2.27 and with the 2.26
In this two the same problem

Thanks for your help.


Problem solved, thanks to other post.

The problem is solved edit the .ovpn file and add the route /etc/openvpn/ in the pkcs12 line

for example:
pkcs12 /etc/openvpn/mykey.p12

Im think this is a bug in the firmware, becouse by default all clients download the route without this path.
How is possible report this to the developers?


@alzhao @kyson-lok Bug Report :stuck_out_tongue:

1 Like

Just to add, the best way is to actually embed the certificate and key into the ovpn file. You can convert your p12 like so:

openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys
openssl pkcs12 -in path.p12 -out newfile.key.pem -nocerts -nodes

or if you need to enter a password too:

openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys -passin ‘pass:P@s5w0rD’

Then you paste the contents of the cert and key like so into the ovpn file:

***Paste CA Cert Text Here***
***Paste Your Cert Text Here***
***Paste Your Cert Private Key Here***

You can see my full opvn file here:

should be a problem.

Just want to clarify, the firmware didn’t check pkcs12 tags, right?

Then another file link should be added. @kyson-lok

As far as I am concerned that PKCS12 is one key file containing the private and public key of the client and the CA certificate, so it doesn’t need specify ca and cert and key file on ovpn file. I think pkcs12 can merge to ovpn file.

Yes is the file, Pfsense download the keys is separate files this

For this is need put the path to this file, other configurations save in the .ovpn file this keys

Using the PEM format when exporting from PfSense you can just do like i wrote before, you paste in the key, cert, ca into the openvpn ovpn file.

That is also what @kyson-lok is recommended that you do @casoft