Gargoyle Forum

Hello,

The case concerns: Gargoyle 1.14 and OpenVPN

If I understood correctly what happened, it works like this:

I remove one of the OpenVPN clients which causes two lines to be added to /etc/config/openvpn:
Then after restarting the OpenVPN server, the following lines are added to the /etc/openvpn/server.conf file:
And everything works fine, except I came across a problem of this type, that from one day to the next all my clients stopped connecting and the active connection stopped working. It turned out that the reason was an outdated file /etc/openvpn/crl.pem. The solution was to log into the router, and add and remove the client, which renewed the crl.pem file: And finally I get to the heart of the problem:

If the server has been running for over half a year and there was no need to add clients, the crl.pem file becomes outdated from one day to the next and it is impossible to connect to the server.

The solution is probably to log into the router to add and remove the client from time to time (let's say every 4 months), but maybe this renewal of the crl.pem file can be organized somehow in cron?

Best regards,
Marcin

You are 100% correct.
I also have run into this, and have implemented a back end function to fix it a few months ago.
https://github.com/ericpaulbishop/gargo ... 46c06fb5be

I have not yet built a front end button to trigger it. It’s coming!
Thanks for posting the workaround in the meantime.

Thanks for the fix.

I applied it to my openvpn.sh and added the following to crontab:
Looks like it works

Just double check you might also need to do an OpenVPN restart to read the new file? I’m not sure.
It will momentarily boot any connected clients so early in the morning (as you currently have it) is a good choice.