OpenVPN Upgrade Notes.md 1.8 KB
OpenVPN Upgrade Notes
https://openvpn.net/vpn-server-resources/keeping-openvpn-access-server-updated/
https://openvpn.net/vpn-software-packages/
Current version 2.7.3
:warning: OpenVPN Version 2.8.x is NOT FIPS Compliant and will NOT run in FIPS mode.
- Download next version to Repo server.
wget -O openvpn-as-2.8.6-CentOS7.x86_64.rpm https://openvpn.net/downloads/openvpn-as-latest-CentOS7.x86_64.rpmwget -O openvpn-as-bundled-clients-13.rpm https://openvpn.net/downloads/openvpn-as-bundled-clients-latest.rpm - Follow notes in (Reposerver Notes.md) for prepping Repo server and target server.
Backup the current configuration ( https://openvpn.net/vpn-server-resources/configuration-database-management-and-backups/#Backing_up_the_OpenVPN_Access_Server_configuration )
which apt > /dev/null 2>&1 && apt -y install sqlite3 which yum > /dev/null 2>&1 && yum -y install sqlite cd /usr/local/openvpn_as/etc/db [ -e config.db ]&&sqlite3 config.db .dump>../../config.db.bak [ -e certs.db ]&&sqlite3 certs.db .dump>../../certs.db.bak [ -e userprop.db ]&&sqlite3 userprop.db .dump>../../userprop.db.bak [ -e log.db ]&&sqlite3 log.db .dump>../../log.db.bak [ -e config_local.db ]&&sqlite3 config_local.db .dump>../../config_local.db.bak [ -e cluster.db ]&&sqlite3 cluster.db .dump>../../cluster.db.bak [ -e clusterdb.db ]&&sqlite3 clusterdb.db .dump>../../clusterdb.db.bak [ -e notification.db ]&&sqlite3 notification.db .dump>../../notification.db.bak cp ../as.conf ../../as.conf.bakEnsure you have a good EBS Volume Snapshot ( take a new one so it will not get auto deleted )
After a yum update, the OpenVPN service might die and not come back up. Use the bastion host to ssh in a remedy this.
systemctl status openvpnshutdown -r nowcheck version
/usr/local/openvpn_as/scripts/sacli Version