Cake
Senior Member
If anybody is interested in this quick instructions. There is only a tiny bit of info I can find on how to do this according to google, so now snb forums gets a one stop how too.
My current versions:
OPNsense 16.7.3-amd64
FreeBSD 10.3-RELEASE-p7
OpenSSL 1.0.2h 3 May 2016
OpenVPN 2.3.12 (soon to be downgraded)
OpenVPN is currently at 2.3.12, I found that Clayfaces's patch works up to version 2.3.11
After you install OpnSense, follow these steps:
1)Turn on SSH (Secure Shell)
2)Log into router root@192.*.*.* (default pass is opnsense)
3)Select #8
5)
4)Web GUI-->System--->Firmware--->Packages---> Lock openvpn from being updated. (even though it says a different version, if you check the log it says openvpn 2.3.11)
This is working for me TESTED (for some reason I have to put comp-lzo no into server and client configs)
Easy as pie, Now if I could only understand the pf way of doing things.
Excuse the basic command line stuff, I know I could have combined some of those lines.
Edits forgot the apply patch step. Remove installing nano. Doh
My current versions:
OPNsense 16.7.3-amd64
FreeBSD 10.3-RELEASE-p7
OpenSSL 1.0.2h 3 May 2016
OpenVPN 2.3.12 (soon to be downgraded)
OpenVPN is currently at 2.3.12, I found that Clayfaces's patch works up to version 2.3.11
After you install OpnSense, follow these steps:
1)Turn on SSH (Secure Shell)
2)Log into router root@192.*.*.* (default pass is opnsense)
3)Select #8
5)
Code:
#pkg install wget
#pkg install git
#cd ~
#mkdir XOR
#cd XOR
#wget https://github.com/clayface/openvpn_xorpatch/archive/master.zip
#unzip master.zip
#wget http://swupdate.openvpn.org/community/releases/openvpn-2.3.11.tar.xz
#tar -xf openvpn-*
#cp openvpn_xorpatch-master/openvpn_xor.patch ~/XOR/openvpn-2.3.11/
#cd openvpn-2.3.11
#git apply openvpn_xor.patch
#./configure CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib"
#make
#make install
4)Web GUI-->System--->Firmware--->Packages---> Lock openvpn from being updated. (even though it says a different version, if you check the log it says openvpn 2.3.11)
This is working for me TESTED (for some reason I have to put comp-lzo no into server and client configs)
Easy as pie, Now if I could only understand the pf way of doing things.
Excuse the basic command line stuff, I know I could have combined some of those lines.
Edits forgot the apply patch step. Remove installing nano. Doh
Last edited: