on vyos-1.5 20260509-rolling:
I’ve generated the following config from a Sophos UTM remote access profile:
set interfaces openvpn vtun1 mode server
set interfaces openvpn vtun1 device-type tun
set interfaces openvpn vtun1 protocol tcp-passive
set interfaces openvpn vtun1 local-host x.x.x.x
set interfaces openvpn vtun1 local-host x:x:x:x::219:78
set interfaces openvpn vtun1 local-port 443
set interfaces openvpn vtun1 encryption data-ciphers aes256
set interfaces openvpn vtun1 hash sha256
set interfaces openvpn vtun1 server topology subnet
set interfaces openvpn vtun1 server subnet 172.18.6.128/25
set interfaces openvpn vtun1 server reject-unconfigured-client
set interfaces openvpn vtun1 openvpn-option 'duplicate-cn'
set interfaces openvpn vtun1 use-lzo-compression
set interfaces openvpn vtun1 openvpn-option 'persist-key'
set interfaces openvpn vtun1 persistent-tunnel
set interfaces openvpn vtun1 openvpn-option 'reneg-seq 28800'
set interfaces openvpn vtun1 openvpn-option 'username-as-common-name'
set interfaces openvpn vtun1 openvpn-option '--auth-user-pass-verify /config/auth/check_user.sh via-env'
set interfaces openvpn vtun1 openvpn-option '--script-security 3'
set interfaces openvpn vtun1 tls ca-certificate 'REF_CASIGVPNSIGNICA'
set interfaces openvpn vtun1 tls certificate 'REF_SCRVGPSLIKCO'
set interfaces openvpn vtun1 tls auth-key 'REF_SCRVGPSLIKCO'
set interfaces openvpn vtun1 tls dh-params 'DH2048'
but a commit results in
[ interfaces openvpn vtun1 ]
There are no openvpn shared-secrets in PKI configuration
[[interfaces openvpn vtun1]] failed
And I have no clue why, I am not using any shared-secrets, the existing clients don’t define one, and I don’t want to use any (also, they are deprecated in OpenVPN).
Any types on what goes wrong here, and how to correct it?