Info You need a current cert for that? O my!

[Telos]

My email provider/ISP (Spectrum) has this nasty habit of disallowing uses to send email. I've never found an app to get around this. When I do I get an IP error, about some reverse DNS authentication... whatever that is.

So the few times I need to send an email from my phone, I connect to my VPN server, and out go the emails, except...

This past weekend I was out of town, and needed to respond quickly to some incoming email messages. After connecting to the VPN server, I discovered I was without any internet access... and I was two days from reaching home to sort all this out... a major suck.

Now back at the local LAN ranch, it appears that a recent update of my LE cert is the culprit. How did I miss that? So now... every 3 months, update LE, then update OPVN? Seems so. Or did I misunderstand my mess?

 

[fredbert]

Had a look on my VPN Server setup, which is a backup option for VPN Plus. From my phone, I was able to connect back in via a mobile data session.

Last time I changed these OpenVPN settings and made a new ovpn was last March. The VPN Server certificate is set to be my default LE, which has the OpenVPN server name included in the certificate’s SAN.

I do keep a second VPN type as backup in case my preferred stops working. Also I have OpenVPN UDP to the router and port forward OpenVPN TCP to the NAS.

edit:

Had a recent renewal either fail or not happen. But manually renewed and was ok. This was a certificate I use for Web Station virtual hosts, so less visible when this happened. I noticed that all the other certificates are now issued by R3 but I think I remember that one (this?) wasn’t prior to the manual renewal.

 

[Rusty]

Or did I misunderstand my mess?

I agree. As much as any other service using a LE cert does continue to work without any problems after a fresh renewal, from time to time, the VPN package does have problems in terms of connecting to it. One restart of the service and that is that. Not always but happens.

 

[Telos]

I agree. As much as any other service using a LE cert does continue to work without any problems after a fresh renewal, from time to time, the VPN package does have problems in terms of connecting to it. One restart of the service and that is that. Not always but happens.

Thanks for the confirmation. This was quite frustrating, and I don't recall ever having to regenerate opvn files following a cert renewal.

 

[Telos]

Ran across a similar post on Reddit today...

To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.

Accept third party cookies

 

[WST16]

from time to time, the VPN package does have problems in terms of connecting to it. One restart of the service and that is that.

This rings a bell. It happened to me a couple of times so far. I think it times out while trying to connect. Restarting the VPN package solved it IIRC.
Not sure why. Maybe it’s the above, but I don’t think it happened right after LE renewal. It was random (I think). It’s like if suddenly it decided it had enough.

Anyways, I ended up installing the VPN package on another DS (to have two DiskStations providing OpenVPN services) on the same LAN just in case.

A bug (maybe)!

 

[jucor]

FWIW, that's the kind of hassle which made me move from OpenVPN to Tailscale. So much smoother now, don't know how I lived without it. Highly recommend giving it a try.

 

[Rusty]

Had my eye on Tail for some time. Waiting for the official final Docker support. Still not there completely.